PREFACE


The  arithmetic  theory  of  numbers  is  ever  a  fascinating  subject,  the 
fundamentals of which can be presented with ease and profit to the average
undergraduate student of mathematics and to those who are preparing
to teach mathematics provided that these students are stimulated
by  a  clear  and  logical  treatment  of  carefully  selected  topics.  It  is  the 
aim  of  this  textbook  to  offer  such  a  development  of  the  subject.  The 
facts  and  methods  of  proof  are  old,  indeed,  but  the  author  believes  that 
her  experience  of  teaching  the  theory  of  numbers  for  over  fifteen  years 
has  enabled  her  to  choose  the  topics  that  not  only  develop  the  student's 
insight  into  the  problems  of  this  field  but  also  furnish  an  ample  basis  for 
more  advanced  work.  The  simplicity  and  lucidity  of  the  presentation 
have  been  tested  time  and  again  in  the  classroom.  Experiment  has 
shown  that  the  student  appreciates  knowing  on  exactly  what  foundation 
the  reasoning  is  to  be  constructed.  Consequently,  care  has  been  taken 
to orient him at a level and in language he can readily understand. Definitions
are precise, but in elementary form. Each new concept is illustrated.
Theorems are proved in detail. Brief historical comments
elucidate  the  material  and  provide  a  setting  for  it.  The  exercises  are 
graded.  They  include  a  sufficiently  large  number  of  numerical  problems 
to develop the student's power of inspection, some to test his understanding
of simple theoretical questions, and others to challenge his originality.

It  is  to  be  emphasized  that  this  book  is  just  a  text.  It  is  written  for 
the  student  rather  than  the  teacher.  It  is  neither  erudite  nor  exhaustive. 
The  reader  with  a  good  grasp  of  algebra  and  the  ability  to  concentrate 
will  be  able  to  understand  it.  It  is  hoped,  moreover,  that  it  will  interest 
him  and  induce  him  to  pursue  his  inquiries  further. 

The author is indebted to her students in both the graduate and undergraduate
divisions of Brooklyn College for their help in accomplishing
this  work.  They  have  patiently  perused  mimeographed  and  lithoprinted 
material,  indicating  by  their  lively  reactions  the  parts  to  be  retained, 
improved,  or  deleted.  One  of  them,  Miss  Alice  Osterberg,  has  given 
expert  assistance  in  reading  the  proof.  Their  contributions  are  gratefully 
acknowledged. 



It  is  apparent  that  there  is  more  material  in  the  text  than  can  be 
covered  by  the  average  class  of  undergraduates  in  only  one  semester. 
Owing  either  to  the  importance  of  the  information  or  to  the  method  of 
proof  involved,  however,  with  the  exception  of  Theorem  3-20,  on  the 
number  of  primes  not  exceeding  the  positive  integer  n,  it  is  suggested 
that  no  theorem  be  omitted  until  Chap.  4  has  been  completed.  Then, 
for  the  ordinary  course,  Theorems  5-7,  5-8,  5-9,  and  5-11,  Theorems  6-3 
through  6-6  and  6-9  through  6-12,  Theorems  7-11  through  7-16,  as  well 
as  all  of  Chap.  8  may  be  omitted.  For  the  convenience  of  the  reader  the 
theorems  just  mentioned  have  been  marked  with  an  asterisk.  Most 
instructors  will  wish  to  include  as  much  of  Chap.  9,  on  quadratic  residues, 
as  time  permits.  Theorems  from  Chap.  10  may  be  selected  at  pleasure 
provided  that  Theorem  10-4,  on  the  Pythagorean  triangle,  is  included. 
The  last  two  chapters  will,  doubtless,  have  to  be  omitted  in  a  45-hour 
course. 

Harriet  Griffin 
CHAPTER 1
THE  FUNDAMENTAL  LAWS 


1-1.  The  Development  of  the  Integers.  The  rational  integers  are  the 
result  of  many  centuries  of  development  of  the  concept  of  number. 
Doubtless  man  learned  first  to  distinguish  oneness  and  otherness  without 
abstracting  the  idea  of  number  itself.  The  basic  notion  in  the  concept  of 
number  is  that  of  one-to-one  correspondence.  If  there  are  two  sets  of 
elements,  A  and  B,  and  if  to  each  element  of  A  there  is  assigned  exactly 
one  element  of  B,  while  each  element  of  B  is  thereby  related  to  a  single 
element of A, the relationship is called a one-to-one reciprocal correspondence.
By means of such a relation a man could determine that he had
exactly  as  many  rings  as  he  had  fingers  even  though  he  had  not  learned  to 
count.  Any  two  sets  that  can  be  put  into  one-to-one  correspondence  are 
said  to  have  the  same  number.  Thus  the  concept  of  number  implies  the 
abstraction  of  that  property  which  is  common  to  sets  that  are  so  related. 
However  imperfect  these  concepts  may  have  been,  man  did  eventually 
learn  to  count  and  to  represent  by  marks  the  ideas  now  represented  by 
the  symbols  1,  2,  3,  .  .  .  .  These  numbers  have  the  single  property  of 
denoting  quantity.  They  answer  the  question,  How  many  units?  They 
are  the  natural  numbers,  and  they  were  the  only  numbers  known  to  the 
Greeks  until  Diophantus  (c.  275)  extended  the  concept  of  number  to 
include  fractions.  To  be  sure  the  Ahmes  papyrus,  which  was  written 
before  1700  B.C.,  indicates  that  in  their  calculations  the  Egyptians 
employed  symbols  that  are  equivalent  to  fractions  with  numerator  one, 
but  such  symbols,  even  to  the  Greeks  of  Euclid's  time,  referred  to  the 
notion  of  magnitude  rather  than  number.  The  art  of  calculating  was 
thus  distinguished  from  the  science  of  number.  It  is  to  be  noted  that 
zero  is  not  among  the  natural  numbers.  The  Greeks  had  no  symbol  for 
zero. It was probably not until the fifth century that the Hindus introduced
a symbol for zero and the principle of position in writing numbers.
These  were,  indeed,  great  accomplishments  in  the  field  of  arithmetic. 
By  the  twelfth  century  the  advancement  of  the  Hindus  in  algebra  almost 
matched  their  achievements  in  arithmetic,  for  they  were  the  first  to 
recognize  the  existence  of  negative  quantities  even  though  they  did  not 
admit  them  as  solutions  of  their  problems.  It  was  not  until  the  sixteenth 
century  that  European  mathematicians  reached  this  stage  of  development 
of the idea of number, and it remained for Descartes (1596-1650) to grasp
completely  the  concept  of  signed  numbers.* 

The  signed  numbers  have  two  basic  properties.  They  compound  the 
idea of quantity with that of quality. Thus, although each of the symbols
+1, -1, +5, and -5 represents but one number, that number has
two fundamental attributes. It is evident, moreover, that a one-to-one
correspondence can be set up between the positive integers and the natural
numbers in the following manner: +1 ↔ 1, +2 ↔ 2, +3 ↔ 3, . . . .

1-2. The System of Rational Integers. The classical theory of numbers,
arithmetica, is properly concerned with the study of only the natural
numbers  1,  2,  3,  .  .  .  .  Nevertheless,  we  shall  make  use  of  the  system  of 
rational  integers  0,  ±1,  ±2,  .  .  .  because,  besides  being  of  interest  in 
itself,  this  set  has  properties  not  possessed  by  the  natural  numbers  that 
enable  us  to  develop  many  theorems  expounding  the  qualities  of  the 
natural  numbers  through  methods  that  have  the  facility  characteristic 
of an algebraic presentation. Throughout this text, therefore, the word
"integer," unless otherwise stated, will refer to a rational integer, and the
letters  a,  b,  c,  .  .  .  ,  x,  y,  z,  will  represent  these  integers.  Moreover,  we 
shall,  as  a  rule,  observe  the  usual  convention  of  omitting  the  positive 
signs  in  writing  +1,  +2,  +3,  .... 

What  shall  we  study  about  these  integers?  Just  consider  the  integers 
from  1  through  10,  and  they  will  serve  to  illustrate  some  salient  facts. 
It  is  apparent  that  the  product  of  three  consecutive  integers  is  divisible 
by  6,  that  when  two  consecutive  even  integers  are  chosen,  one  is  divisible 
by  4.  You  will  claim  you  have  known  all  your  life  that  we  need  only  the 
10 digits 0, 1, . . . , 9 to write any integer, but can this be accomplished
in  another  way?  Have  you  ever  noticed  the  remarkable  fact  that,  of  the 
consecutive  integers  8  and  9,  one  is  a  perfect  cube  and  the  other  a  perfect 
square?  Surely  you  have  not  overlooked  the  familiar  right  triangle 
whose  sides  have  the  lengths  3,  4,  and  5.  Again,  the  sum  of  the  positive 
divisors  of  6  is  double  itself.  Can  you  find  another  integer  having  this 
property?  Although  for  its  size  6  has  many  divisors,  you  notice  that 
5 has but ±1 and ±5. Observe how close the first few integers of the
latter  type  are.  Would  you  be  interested  in  examining  the  law  indicated 
by  the  following  equations? 

3 = 1 + 1 + 1                    4 = 1 + 3

5 = 1 + 1 + 3                    6 = 1 + 5 = 3 + 3

7 = 1 + 1 + 5 = 1 + 3 + 3        8 = 1 + 7 = 3 + 5

9 = 1 + 1 + 7 = 1 + 3 + 5        10 = 3 + 7 = 5 + 5

Perhaps these few examples will stimulate the reader to look for some
other significant facts. Having made a discovery, he certainly will want
to determine why it is so. That, indeed, is the attitude we wish to foster,
and so, starting with elementary notions, we shall set up a basis for showing
that certain laws do hold.

* F. Cajori, "A History of Mathematics."

We shall assume that the reader is familiar with the concepts of number,
uniqueness, relation, sum, difference, product, equality, greater than,
absolute value, etc. We shall assume that he understands the fundamentals
of algebra and the derivative with respect to x of a rational
integral  algebraic  function  of  the  real  variable  x.  We  shall  also  suppose 
that  he  is  familiar  with  the  content  of  the  following  system  of  postulates 
which  the  integers  obey: 

1.  The  set  of  rational  integers  contains  +1  (positive  real  one)  and  at 
least  one  other  integer. 

2.  The  law  of  closure  for  addition:  For  each  pair  of  integers  a  and  b, 
in  that  order,  the  sum  of  a  and  b  exists  and  is  a  unique  integer  c.  Thus 
a  +  b  =  c. 

3.  The  commutative  law  for  addition:  a  +  b  =  b  +  a. 

4. The associative law for addition: (a + b) + c = a + (b + c).

5. The equation a + x = c has a solution for x that is an integer.

The second postulate tells us that the operation of addition exists for
the rational integers. Moreover, since +1 is in the set, we can generate
a subset of integers by merely adding +1 to itself and to each result so
obtained. Thus we have 1 + 1 = 2, 2 + 1 = 3, . . . . We call all
these numbers positive integers, and 1, 2, 3, . . . are distinct.

Furthermore,  if  a  +  c  =  b  and  c  is  positive,  we  say  that  a  <  b  (a  is  less 
than b) or that b > a (b is greater than a). The set of rational integers is
ordered  by  this  relation  "less  than." 

The  fifth  postulate  says  that  subtraction  exists,  and  we  therefore  write 
the statement a + x = c in the form c - a = x. We shall show later
that  we  can  derive  the  fact  that  there  is  a  single  integer  0  such  that 
a  +  0  =  a  for  any  integer  a. 

6.  The  law  of  closure  for  multiplication:  For  each  pair  of  integers  a 
and b, in that order, the product of a and b exists and is a uniquely determined
integer c. Thus a · b = c, or ab = c.

7. a(+1) = a for any integer a.

8.  The  commutative  law  for  multiplication:  ab  =  ba. 

9.  The  associative  law  for  multiplication:  (ab)c  =  a(bc). 

10.  The  distributive  law:  a(b  +  c)  =  ab  +  ac. 

11. The cancellation law for multiplication: If ab = ac and a ≠ 0, then
b = c.

12.  There  is  no  integer  x  such  that  a  <  x  <  a  +  1. 

The  last  statement  means  that  there  is  no  integer  between  a  and  a  +  1. 
Hence,  a  and  a  +  1  are  called  consecutive  integers.  We  say,  then,  that 
the  rational  integers  form  a  discrete  set,  for  when  they  are  arranged 
according to the relation "less than" and then separated into any two
parts  without  disturbing  the  array,  there  is  a  first  integer  in  one  part  and 
a  last  integer  in  the  other. 

13. Any sequence of integers n_i, where i = 1, 2, 3, . . . , such that
n_1 > n_2 > . . . > 0 has a least positive integer.

14. If a = b and c = d, then a + c = b + d and ac = bd.

15.  If  a  =  b,  then  either  one  may  be  substituted  for  the  other  in  any 
relation. 

16.  If  +1  has  a  property  and  if  n  +  1  has  this  property  whenever  the 
positive  integer  n  has  it,  then  every  positive  integer  has  the  property. 

This  last  postulate  is  the  one  on  which  the  method  of  mathematical 
induction,  sometimes  called  "finite  induction,"  is  based.  We  shall  use 
this  method  for  both  definition  and  proof.  For  example,  we  can  define 
the  sum  of  a  finite  number  of  integers  inductively  on  the  basis  of  the 
second postulate. Thus a + b + c = (a + b) + c, a + b + c + d =
(a + b + c) + d, and, in the general case, a + b + . . . + m + n =
(a + b + . . . + m) + n.

It  is  worth  while  recalling  that  the  relation  "equals"  which  we  have 
used so frequently in stating these postulates has the following properties:

1.  Equals  is  reflexive;  that  is,  a  =  a. 

2.  Equals  is  symmetric;  that  is,  if  a  =  b,  then  b  =  a. 

3.  Equals  is  transitive;  that  is,  if  a  =  b  and  b  =  c,  then  a  =  c. 

The  system  of  postulates  which  we  have  stated  above  is  certainly  not 
the  most  concise  one  that  might  have  been  chosen.  To  be  sure,  some  of 
the  statements  can  be  derived  from  others.  But  the  set  is  sufficiently 
elementary  for  our  purposes  and  permits  us  to  develop  the  ideas  we  need 
on  a  basis  that  will  be  readily  understood  by  the  student. 

We  shall  prove  first  that  there  is  a  unique  integer  0  such  that,  for  any 
integer  b,  b  +  0  =  b.  The  fifth  postulate  tells  us  that  corresponding  to 
a  particular  integer  a  there  is  an  x  such  that  a  +  x  =  a.  We  shall  call 
this integer 0_1 and shall show that b + 0_1 = b for any b. We have
a + 0_1 = a. But c exists such that b = c + a. Hence,

b + 0_1 = (c + a) + 0_1
        = c + (a + 0_1)
        = c + a
        = b

This integer 0_1 is unique, for if there were a second integer 0_2 such that
b + 0_2 = b for any b, then 0_2 + 0_1 = 0_2 and 0_1 + 0_2 = 0_1. But 0_1 +
0_2 = 0_2 + 0_1, and therefore 0_1 = 0_2. There is, then, but a single integer,
zero, designated by 0, such that b + 0 = b for any b. We may also write
this statement in the form b - b = 0.

Since 0 + b = b, it follows immediately that if b is positive, b is greater
than zero, and conversely. Moreover, 0 + 1 = 1 shows that 0 and +1
are  consecutive  integers. 

Furthermore,  for  each  integer  a  there  exists  an  integer  x  such  that 
a + x = 0. This integer x is called the negative of a. It is the inverse
of a with respect to addition, and it is designated by -a. Thus a +
(-a) = 0. This inverse is unique because the following argument shows
that  subtraction  is  always  unique. 

Suppose that subtraction is not unique and that when a and c are given,
both b_1 and b_2 are such that

a + b_1 = c = a + b_2

Since

a + (-a) = (-a) + a = 0

and since

(-a) + (a + b_1) = (-a) + (a + b_2)

it follows that

[(-a) + a] + b_1 = [(-a) + a] + b_2

and that

0 + b_1 = 0 + b_2

Hence,

b_1 = b_2

Consequently, subtraction is unique.

The inverse of a positive integer is said to be a negative integer. Accordingly,
we write -(+2) = -2; that is, the negative of positive two is negative
two. Moreover, each of these negative integers is less than zero, for
(-a) + a = 0, where a is positive. For the same reason, -(-a) = a.
This means that a is the inverse with respect to addition of -a; that is, a
is  the  negative  of  negative  a.  This  statement  implies  that  the  positive 
integers  are  the  negatives  of  the  negative  integers.  To  summarize,  we 
have  proved  that: 

Theorem 1-1. There is a unique integer 0 such that, for any integer b,
b  +  0  =  b. 

Theorem  1-2.  Subtraction  is  unique,  and  each  integer  has  a  unique 
inverse  with  respect  to  addition. 

Has it ever occurred to you that b · 0 = 0 for any b because of the basic
principles we have stated? We know that a + 0 = a, and so when
a ≠ 0, consider the equation b · a + b · 0 = b · a. But b · a = c and
uniquely so. Hence, c + b · 0 = c. However, c + 0 = c, and subtraction
is unique. Therefore, b · 0 = 0. Notice that when b = 0, this
statement includes 0 · 0 = 0. Thus we have:

Theorem 1-3. For any integer b, b · 0 = 0.

We have seen that c + (-c) = 0. Hence, ac + a(-c) = a · 0 = 0.
But ac + (-ac) = 0, and this inverse is unique. Consequently, a(-c)
= -ac. When c = 1, this equation includes a(-1) = -(a(+1)) = -a.
Furthermore, subtraction can be accomplished by addition, for we can
prove:

Theorem 1-4. a - b = a + (-b).

According to the definition of subtraction, a - b = x, where the
integer x is such that b + x = a. We wish to prove that a + (-b) is the
proper value of x. Substituting a + (-b) for x in the last equation, we
have

b + [a + (-b)] = b + [(-b) + a]
               = [b + (-b)] + a
               = 0 + a
               = a

Theorem 1-5. If a > b, then -b > -a, and conversely.

If a > b, then a = b + c with c positive, and, by multiplying each
member of the equation by -1, we find that -a = (-b) + (-c).
Hence, (-a) + c = [(-b) + (-c)] + c, and finally (-a) + c = -b, so
that -b > -a. The converse is now evident.

Theorem 1-6. -(a - 1) = -a + 1.

We know that

-(a - 1) = (a - 1)(-1)
         = [a + (-1)](-1)
         = -a + 1

As a result there is no integer between -a and -(a - 1); that is, if two
integers are consecutive, as are a - 1 and a, so are their negatives. We
must  conclude,  therefore,  that  the  integers  are  positive,  zero,  or  negative. 

EXERCISES 

1.  Show  that  if  a  =  b,  then  the  negative  of  a  equals  the  negative  of  b. 

2.  Show  that  if  a  =  b,  it  cannot  also  be  true  that  a  >  b. 

3.  Show  that  a  <  b  and  a  >  b  cannot  both  be  true. 

4.  Show  that  if  a  <  b  and  a  =  b  +  c,  then  c  is  a  negative  integer. 

5.  If  a  =  b  +  c  and  c  is  negative,  prove  that  a  <  b. 

6. Prove that a(b - c) = ab - ac.

7. On the basis of postulate 11, prove that if ab = 0 and a ≠ 0, then b = 0.

8.  Show  that  the  theorem  of  Exercise  7  is  a  sufficient  condition  for  the  cancellation 
law  for  multiplication. 

9.  Prove  the  law  of  signs  for  addition. 

10.  Prove  the  law  of  signs  for  multiplication. 

1-3.  Definitions.  The  law  of  closure  with  respect  to  addition  together 
with the principle of finite induction shows that when we apply the operation
of addition to a finite number of integers of our set, the result is
necessarily in the set. We know also that subtraction can be converted
into  addition  and  that  the  result  is  unique.  When  we  restrict  ourselves 
to  the  use  of  integers,  it  is  also  evident  that  our  laws  provide  that  the 
product  of  a  finite  number  of  them  always  exists.  But  it  is  not  always 
possible  to  find  an  integer  that  will  satisfy  the  equation  ax  =  b  when  a 
and  b  are  any  integers,  and  therefore  it  is  necessary  to  define  what  we 
mean  by  division. 

An integer b is said to divide an integer a if there exists an integer c such
that a = bc. Under these conditions it is also said that a is divisible by
b. The operation is written in the form b | a and is read, "b divides a."
If no integer c exists, we write b ∤ a and read it, "b does not divide a."
When b ≠ 0 and c exists, c is unique, for if a = bc_1 and a = bc_2, then
bc_1 = bc_2 and c_1 = c_2 by the cancellation law for multiplication. When
b = 0, c does not exist unless a = 0, in which case c is not unique.

When a = bc, b is said to be a factor of a, or a divisor of a; a is a multiple
of b; and when b ≠ 0, c is the quotient of a by b. The integer c is often
referred  to  as  the  factor  of  a  that  is  complementary  to  b. 

We recall that |a| = a if a is positive or zero and |a| = -a if a is negative.
It is clear, therefore, that when a ≠ 0 and a = bc, then |a| ≥ |b|,
for a = bc implies that neither b nor c is zero and that |a| = |b| |c|. But
|c| being positive, it is at least +1. Hence, |c| = 1 + r, where r ≥ 0, and
|a| = |b|(1 + r) = |b| + |b|r. When r = 0, it is thus evident that
|a| = |b|, and when r > 0, |a| > |b|.

Theorem  1-7.     If  b  divides  a,  and  if  c  divides  b,  then  c  divides  a. 

Since b | a and c | b, integers d and e exist such that a = bd and b = ce.
Hence, a = (ce)d = c(ed), and therefore c | a.

Theorem 1-8. If b divides a, and b divides c, then b divides a + c.

Theorem 1-9. If b divides a, and b does not divide c, then b does not
divide a + c.

Since b | a, then a = bd and a + c = bd + c. If b did divide a + c,
we should have a + c = be and be = bd + c. Hence, b(e - d) = c, and
b would divide c.

Theorem 1-10. If b ≠ 0, the difference between two of the nonnegative
integers 0, 1, 2, . . . , |b| - 1 is not divisible by b unless the two
integers are equal.

Choose r_1 and r_2 so that 0 ≤ r_1 < |b| and 0 ≤ r_2 < |b|. (These statements
are often combined by writing 0 ≤ r_1, r_2 < |b|.) Suppose that
r_1 > r_2. If r_1 - r_2 = mb, then r_1 = mb + r_2. Therefore, r_1 ≥ |b|, for
mb > 0. But this result is contrary to the hypothesis, and consequently
b ∤ (r_1 - r_2).

A  common  factor,  or  common  divisor,  of  two  or  more  integers  is  an  integer 
that  divides  each  of  the  given  integers. 

A greatest common divisor of a set of two or more integers, not all zero,
is, if it exists, a common divisor of the set that is divisible by every common
divisor of the set.* We notice then that if +d is a greatest common
divisor of a set of integers, so is -d. It is conventional, however, to
refer to the one of the two integers +d and -d that is positive as the
greatest common divisor. It is evident, too, that the greatest common
divisor of a set of integers is unchanged if any a_i of the set is replaced by
-a_i. The symbol d = (a_1, a_2, . . . , a_r) is used to denote that d is the
greatest common divisor of the set a_1, a_2, . . . , a_r; for example, 3 =
(6, 12, -15), and 12 = (36, 48).

A  common  multiple  of  two  or  more  integers  is  an  integer  that  is  divisible 
by  each  of  the  given  integers. 

A  least  common  multiple  of  two  or  more  integers  is,  if  it  exists,  a  common 
multiple  that  is  a  divisor  of  every  common  multiple  of  the  given  integers. 
It is evident that if a ≠ 0 is a least common multiple of a set of integers,
then -a is also. Again, it is usual in this case to refer to the positive
integer that fits the definition as the least common multiple. The least
common multiple is unchanged if any of the given integers a_i is replaced
by -a_i. The least common multiple of 6, -15, and 9 is 90.

A unit is an integer that divides every integer. Since +1 and -1
divide  every  integer,  they  are  both  units. 

Theorem 1-11. The rational integers have but two units, +1 and -1.

If there is a third unit, let it be denoted by x. Then x divides +1, and
therefore |x| ≤ +1. But because +1 is a unit and x is an integer, +1
divides x and thus +1 ≤ |x| since x ≠ 0. Consequently, |x| = +1, and
x is +1 or -1.

The  null  element  is  an  integer  that  divides  only  itself.  We  know  from 
the definition of division that zero divides only itself. For any a, however,
a · 0 = 0, and consequently any integer divides zero. Therefore,
no  integer  different  from  zero  is  a  null  element.     Hence,  we  have: 

Theorem  1-12.     Zero  is  the  null  element  of  the  rational  integers. 

The  associates  of  an  integer  are  the  results  of  multiplying  it  by  the  units. 
Thus +6 and -6 are a set of associates. When an integer is divisible by
some  integer,  it  is  obviously  divisible  by  each  of  the  associates  of  that 
integer  and  consequently  in  any  problem  it  is  necessary  to  show  only  the 
division  by  one  of  the  associates. 

A  prime  is  an  integer,  not  a  unit,  that  is  divisible  by  only  its  associates 
and  the  units.  This  definition  implies  that  the  greatest  common  divisor 
of  a  prime  p  and  an  integer  a  is  1,  or  the  positive  associate  of  p. 

*  This  definition  and  that  of  a  least  common  multiple  are  so  worded  that  they  will 
apply equally well in a domain of algebraic integers where we cannot say of two distinct
integers that one must be less than the other. For instance, the set of algebraic
integers  of  the  form  a  +  bi  with  a  and  b  rational  integers  is  not  ordered  by  the  relation 
"less  than." 

An integer that is not the null element, a unit, or a prime is a composite.

Two  or  more  integers  are  prime  to  each  other,  or  relatively  prime,  if  their 
greatest common divisor is +1. The integers 6, -9, and 14 are relatively
prime.

Two  or  more  integers  are  said  to  be  prime  each  to  each,  or  relatively 
prime  in  pairs,  if  the  greatest  common  divisor  of  all  possible  pairs  is  +1. 
The  integers  3,  4,  and  35  are  relatively  prime  in  pairs. 

Theorem  1-13.  If  d  is  the  greatest  common  divisor  of  a  and  b,  the 
quotients  obtained  by  dividing  them  by  d  are  relatively  prime. 

If d = (a, b), let a = a_0 d and b = b_0 d. Let e be any common divisor
of a_0 and b_0. Then a_0 = ek, b_0 = em, and a = dek, b = dem. Hence,
de is a common divisor of a and b and must divide d; that is, d = des.
Therefore, es = 1. But this is impossible unless e = +1. Consequently,
(a_0, b_0) = 1.

1-4.  The  Principle  of  Archimedes.  Among  the  early  mathematicians 
who contributed to the theory of numbers were Euclid (c. 300 B.C.) and
Archimedes (c. 225 B.C.). Euclid was very much interested in the theory
of numbers. He collected and organized many propositions concerning
the integers in his "Elements." On the other hand, although Archimedes
is considered one of the greatest mathematicians of all time, he did
little  with  this  branch  of  the  subject  and  but  one  theorem  in  the  theory  of 
numbers  bears  his  name.     This  theorem  is,  however,  a  basic  one. 

We  shall  assume  the  principle  of  Archimedes  extended  to  include  the 
rational integers. This principle states that any integer a either is a
multiple of an integer b ≠ 0 or lies between two consecutive multiples of
b; that is, corresponding to each pair of integers a and b ≠ 0, there exists
an integer m such that, for b > 0,

mb ≤ a < (m + 1)b

and, for b < 0,

mb ≤ a < (m - 1)b

Theorem 1-14. The theorem of Euclid. Corresponding to two
integers a and b ≠ 0, there exist two integers m and r such that

a = bm + r        0 ≤ r < |b|

and  m  and  r  are  unique. 

Except for the unicity of m and r the theorem follows immediately
from the principle of Archimedes, for when b > 0, it is evident that the
inequalities yield 0 ≤ a - mb and a - mb < b, and when b < 0, 0 ≤
a - mb and a - mb < -b. Thus r = a - mb exists and fulfills the
required conditions. Suppose then that a = bm_1 + r_1 and a = bm_2 + r_2,
where 0 ≤ r_1, r_2 < |b|. Hence, b(m_1 - m_2) = r_2 - r_1, and b divides
r_2 - r_1. Therefore, r_1 = r_2, and b(m_1 - m_2) = 0. Since b ≠ 0, this
equation shows that m_1 - m_2 = 0 and that m_1 = m_2.

We  shall  call  r  the  remainder  and  m  the  quotient  in  the  division  of  a  by  b. 

Theorem 1-15. An integer a is or is not prime to an integer b ≠ 0
according  as  the  remainder  in  the  division  of  a  by  b  is  or  is  not  prime  to  b. 

The  theorem  of  Euclid  shows  that 

a = bm + r        0 ≤ r < |b|

and  hence  an  integer  d  divides  a  and  b  if  and  only  if  d  divides  both  r  and 
b.  For  example,  to  find  out  whether  or  not  152  is  prime  to  21,  just  divide 
152  by  21,  getting  the  remainder  5.     Since  (5,  21)  =  1,  then  (152,  21)  =  1. 
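
An added Python illustration of Theorems 1-14 and 1-15 (not part of the textbook): euclid_division returns the unique m and r with a = bm + r and 0 ≤ r < |b| for either sign of b, and gcd repeats the remainder step of Theorem 1-15, which is the Euclidean algorithm and goes one step beyond this section. All function names are assumptions of the example.

```python
# Added illustration, not from the textbook. Function names are this
# example's own choices.

def euclid_division(a, b):
    """Theorem 1-14: return (m, r) with a == b*m + r and 0 <= r < |b|."""
    if b == 0:
        raise ValueError("b must not be zero")
    # Python's divmod gives the remainder the sign of b, so for b < 0 it can
    # be negative; the theorem requires a nonnegative remainder.
    m, r = divmod(a, b)
    if r < 0:
        m += 1      # move to the next multiple of b ...
        r -= b      # ... which adds |b| to the remainder (b is negative here)
    return m, r


def archimedes_bounds_hold(a, b, m):
    """Principle of Archimedes as stated in Section 1-4."""
    if b > 0:
        return m * b <= a < (m + 1) * b
    return m * b <= a < (m - 1) * b


def gcd(a, b):
    """Positive greatest common divisor of a and b, not both zero.

    Each pass replaces (a, b) by (b, r): by the argument under Theorem 1-15
    the two pairs have the same common divisors.
    """
    if a == 0 and b == 0:
        raise ValueError("gcd of 0 and 0 is not defined")
    a, b = abs(a), abs(b)
    while b != 0:
        _, r = euclid_division(a, b)
        a, b = b, r
    return a


def common_divisors(a, b):
    """All positive common divisors, found by brute force (small inputs)."""
    bound = max(abs(a), abs(b))
    return [d for d in range(1, bound + 1) if a % d == 0 and b % d == 0]


def fits_gcd_definition(d, a, b):
    """Section 1-3 definition: d is a common divisor that every common
    divisor divides."""
    divisors = common_divisors(a, b)
    return d in divisors and all(d % e == 0 for e in divisors)


if __name__ == "__main__":
    # Constructed sample pairs; (152, 21) is the textbook's own example.
    for a, b in [(152, 21), (7, -3), (-7, 3), (-7, -3), (36, 48)]:
        m, r = euclid_division(a, b)
        print(f"{a} = ({b})({m}) + {r}   gcd = {gcd(a, b)}")
```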

Theorem  1-16.     All  integers  take  the  form  2n  or  2n  +  1. 

According  to  the  theorem  of  Euclid,  any  integer  a  can  be  expressed  in 
the  form 

a = 2n + r        0 ≤ r < 2

so  that  r  is  either  0  or  1. 

An  even  integer  is  one  that  is  a  multiple  of  2.  An  integer  that  is  not 
even  is  odd.  The  classification  of  the  integers  into  odd  and  even  integers 
was  made  by  the  Pythagoreans. 

EXERCISES 

1.  Prove  that  the  product  of  any  two  consecutive  integers  is  divisible  by  2. 

The product of any two consecutive integers can be written in the form n(n + 1).
But then, according to the theorem of Euclid, n has the form 2k or 2k + 1, whence
the product has the form 2k(2k + 1) or (2k + 1)(2k + 2) = 2(2k + 1)(k + 1). In
either case the product has the factor 2.

2. Show that the sum of an integer and its square is even.

3. Show that all integers take the form 3n, 3n + 1, or 3n - 1.

4.  Prove  that  the  product  of  any  three  consecutive  integers  is  divisible  by  3. 

5.  Prove  that  the  square  of  an  odd  integer  has  the  form  8n  +  1. 

6. Prove by induction: 1 + 3 + 6 + · · · + n(n + 1)/2 = n(n + 1)(n + 2)/6
for n > 0.

When n = 1, the left-hand member is 1 and the right-hand member is 1(2)(3)/6 = 1.
The statement is thus true in the first case. Now assume that the statement is true
for n = k. The first term of this series is 1, and the kth term, given by the term
formula n(n + 1)/2, is k(k + 1)/2. Hence,

1 + 3 + · · · + k(k + 1)/2 = k(k + 1)(k + 2)/6        (1)

where the right-hand member of the equation is the sum of the first k terms of the
series obtained from the formula for the sum of n terms.

We must now show by a general method that the sum of the first k + 1 terms of
the series can be correctly obtained from the sum formula. To accomplish this end,
we shall build up the series of k + 1 terms by adding the (k + 1)st term to the
indicated sum of the first k terms. The (k + 1)st term is obtained from the term formula
by substituting k + 1 for n and is (k + 1)(k + 2)/2. But if we add this number to
one member of Eq. (1), we must add it to the other member also to maintain an
equality. Thus we have

1 + 3 + · · · + k(k + 1)/2 + (k + 1)(k + 2)/2 = k(k + 1)(k + 2)/6 + (k + 1)(k + 2)/2        (2)

But the right-hand member of Eq. (2) can be factored and simplified, giving

k(k + 1)(k + 2)/6 + (k + 1)(k + 2)/2 = (k + 1)(k + 2)(k/6 + 1/2) = (k + 1)(k + 2)(k + 3)/6

Assuming that the law is correct in the kth case, (k + 1)(k + 2)(k + 3)/6 is the correct
sum of the first k + 1 terms. Consequently, unless the sum formula gives this result
for the sum of k + 1 terms, the sum formula is in error. Substituting k + 1 for n in
the formula n(n + 1)(n + 2)/6, we find that it also gives (k + 1)(k + 2)(k + 3)/6.
We must conclude that this formula is correct, for it gave the correct result for n = 1,
and, upon the assumption of its truth for n = k, we found it gave the correct result
for n = k + 1. Hence, being true for n = 1, it is true for n = 2, 3, . . . .

7. Prove by induction: 1 + 2 + · · · + n = n(n + 1)/2 for n > 0.

8. Prove by induction: 1^2 + 2^2 + · · · + n^2 = n(n + 1)(2n + 1)/6 for n > 0.

9. Prove by induction: 1^3 + 2^3 + · · · + n^3 = n^2(n + 1)^2/4 for n > 0.

10. Prove by induction that a^n - b^n is divisible by a - b if n is a positive integer.
If n = 1, a - b is divisible by a - b.

Assume that a^k - b^k = (a - b)F(a, b). Now divide a^(k+1) - b^(k+1) by a - b, getting
the quotient a^k and the remainder a^k b - b^(k+1). Thus

a^(k+1) - b^(k+1) = (a - b)a^k + a^k b - b^(k+1)
                  = (a - b)a^k + b(a^k - b^k)

But since a - b is a factor of a^k - b^k, the distributive law shows that a - b is a
factor of a^(k+1) - b^(k+1). Then according to postulate 16, a^n - b^n is divisible by a - b
for n > 0.

11. Prove that if n is a positive odd integer, a^n + b^n is divisible by a + b.

12. Prove that if n is a positive even integer, a + b is a factor of a^n - b^n.

13. Prove by induction that 10^n + 3 · 4^(n+2) + 5 is divisible by 9 if n is zero or a
positive integer.

If n = 0, then 1 + 3(16) + 5 = 54 and this integer is divisible by 9. Now form
the difference between the (n + 1)st and the nth case and simplify by factoring,
getting the result

10^(n+1) + 3 · 4^(n+3) + 5 - (10^n + 3 · 4^(n+2) + 5) = 10^n(9) + 3 · 4^(n+2)(3)

The right-hand member is clearly divisible by 9. Substituting n = 0 and applying
the distributive law, the above equation implies that 10 + 3 · 4^3 + 5 is a multiple of
9, and hence the theorem is true for n = 1. But, being true for n = 1, it is likewise
true for all the positive integers.

14.  Prove  that: 

a. 7^(2n) + 16n - 1 is divisible by 64 for n > 0.

b. 2 · 7^n + 3 · 5^n - 5 is divisible by 24 for n > 0.

c. 3^(4n+2) + 5^(2n+1) is divisible by 14 for n > 0.

15.  Prove  that  the  cube  of  any  integer  is  equal  to  the  difference  of  the  squares  of 
two  integers. 

To solve a problem of this type, we often set up a few examples with the purpose of
discovering the law by inspection. Thus

1^3 = 1^2 - 0^2
2^3 = 3^2 - 1^2
3^3 = 6^2 - 3^2
4^3 = 10^2 - 6^2

The sequence of integers 1, 3, 6, 10, . . . reminds us of the sum of the series 1 + 2
+ · · · + n = n(n + 1)/2. Hence, we should like to show that n^3 is the difference
of [n(n + 1)/2]^2 and [(n - 1)n/2]^2. This statement is correct, for

[n(n + 1)/2]^2 - [(n - 1)n/2]^2 = n^2(n^2 + 2n + 1 - n^2 + 2n - 1)/4 = n^3


16. Show that if 7x - 5 is a multiple of 3, then 28x^2 - 13x - 5 is a multiple of 9.

17. Show that if 2x + 1 is a multiple of 5, then 14x^2 + 19x - 19 is a multiple of 25.

18. Show that if an integer is both a square and a cube, it is of the form 5n, 5n + 1,
or 5n + 4.

19. Show that the square of an integer that is not a multiple of 2 or 3 is of the form
24k + 1.

20. Prove that the sum of the odd integers from 1 through 2n - 1 is a perfect
square, n^2.

21.  Prove  that  every  odd  cube,  n3,  is  the  sum  of  n  consecutive  odd  integers.  Find 
a  corresponding  law  for  an  even  cube. 

22.  We  have  assumed  the  principle  of  Archimedes,  but  just  as  some  of  our  other 
postulates  are  not  independent,  it  is  possible  to  prove  the  principle  of  Archimedes  on 
the  basis  of  the  assumptions  already  made. 

Case 1. Let a > 0 and b > 0. If a < b, then 0 < a < b and m = 0. If a = b,
then b = a < 2b and m = 1. If a > b, there is a positive multiple of b that is less
than a. But

a < a + 1 ≤ (a + 1)b

Thus in the sequence of multiples of b,

(a + 1)b > ab > · · · > 0

there is a least positive multiple of b that is greater than a. Let this multiple of b
be (m + 1)b. Then

mb ≤ a < (m + 1)b

Case 2. Let a < 0 and b > 0. Then nonnegative c exists so that

cb ≤ |a| < (c + 1)b
and

-cb ≥ a > (-c - 1)b

If a < -cb, let m = -c - 1, but if a = -cb, then a < (-c + 1)b and m = -c.
Let the student complete the proof.

23. If a ≠ 0 and |b| > |a|, then b does not divide a.

24. What values can you assign to r in order that 4n + r include all odd primes?

25. Using the idea of Exercise 24, write another set of expressions whose values
include all odd primes.

26. If n is a positive integer, the triangular numbers are given by the formula
n(n + 1)/2. Find by trial some integers that are both square and triangular.

27. Is the set of even integers closed under the operation of addition? Do the odd
integers have this property? Is the set of even integers closed under multiplication?
What important property that pertains to multiplication does the set of even integers
lack?

28.  Peano  stated  the  following  postulates,  together  with  the  principle  of  finite 
induction, to define the natural numbers:

a.  There  is  a  number  1. 

b.  Every  number  n  has  a  unique  successor  n+. 

c.  The  number  1  is  not  the  successor  of  any  number. 

d.  If  n+  =  m+,  then  n  =  m. 

Define  addition  and  multiplication,  and  derive  the  commutative,  associative,  and 
distributive  laws  for  the  natural  numbers  on  the  basis  of  these  postulates. 


CHAPTER  2 
THE  LINEAR  DIOPHANTINE  EQUATION 


2-1. The Form ax + by. A polynomial in the variables x_1, x_2, . . . , x_r
is a rational integral algebraic expression in these variables. Thus
a_0 x^n + a_1 x^(n-1) + · · · + a_n, where the exponents of the variable x are
positive integers or zero, is a polynomial in x. The expression b_1 x^2 +
b_2 xy + b_3 xy^3 is a polynomial in x and y. The degree of a polynomial is the
degree in all its variables of its term or terms of highest degree. The first
polynomial is of degree n, and the second is of the fourth degree. The
second, however, is of only the second degree in x, but it is of the third
degree in y. If all the coefficients of a polynomial are integers, it is said
to be an integral polynomial.

A form* in the variables x_1, x_2, . . . , x_r is a homogeneous polynomial
in these variables; that is, each term of the polynomial is of the same
degree. The degree of a form is the degree in all its variables of any term
of the form. The polynomial 3x^2 y + 5xy^2 - y^3 is a form of the third
degree. All the forms with which we shall be concerned will have
integers as coefficients. We shall make use of the form ax + by to show
that the greatest common divisor of two rational integers (not both zero)
exists and is a rational integer.

* This technical use of the word "form" is not to be confused with the ordinary
sense in which we have made use of the term. When we say, for instance, that an
integer has the form 6k + 1, the word is synonymous with "mold" or "structure"
and in this case designates that the given integer is always a multiple of six, plus one.
Whenever "form" is used to mean a homogeneous polynomial, the implication will be
clear from the text.

Theorem 2-1. The least positive integer in the set of integers defined
by ax + by, where a and b are not both zero, is the greatest common
divisor of the set.

Consider the set of integers defined by the linear form ax + by when
a and b are constants and x and y are variables whose values are all the
integers. Since there is but a finite number of integers between zero and
any positive integer, and since the set ax + by contains a positive integer,
this set has a least positive integer. Let it be represented by

L = ax_0 + by_0

This integer L divides every integer of the set because, according to the
theorem of Euclid, corresponding to the integers n = ax_1 + by_1 and L
there exist integers m and r such that

n = mL + r        0 ≤ r < L
Hence,

ax_1 + by_1 = m(ax_0 + by_0) + r
and

a(x_1 - mx_0) + b(y_1 - my_0) = r

Therefore, r is an integer of the set, but, being less than L, r must be 0.
The least positive integer of the set thus divides every integer of the set
and is necessarily a common divisor of the set. But L is in the set, and
therefore any common divisor of the set divides L. Hence, L is the
greatest common divisor of the set ax + by, for it satisfies the stated
definition by being a positive integer which is a common divisor of the
set and which is divisible by every common divisor of the set.

Theorem 2-2. The greatest common divisor of a and b, where not
both are zero, exists and is the least positive integer in the set defined by
ax + by.

The integers a and b are determined by the form ax + by, when x = 1,
y = 0, and when x = 0, y = 1, respectively. Hence, Theorem 2-1 shows
that L is a common divisor of a and b. But L = ax_0 + by_0, and thus any
common divisor of a and b divides L. Therefore, the greatest common
divisor of a and b exists and is L.

Theorem  2-3.  If  d  is  the  greatest  common  divisor  of  a  and  b,  then  d  is 
the  greatest  common  divisor  of  the  set  of  integers  ax  +  by. 

If  d  =  (a,  b),  so  that  a  =  a0d,  b  =  b0d,  we  see  that  d  is  a  common 
divisor  of  the  set,  for  ax  +  by  =  d(a0x  +  b0y).  On  the  other  hand,  any 
common  divisor  of  the  set  divides  a  and  b,  for  both  a  and  b  are  in  the  set. 
But  any  common  divisor  of  a  and  b  is  a  divisor  of  d.  Thus  a  common 
divisor of the set ax + by necessarily divides d. The integer d is, therefore,
the greatest common divisor of the set.

Theorem  2-4.  The  greatest  common  divisor  of  the  set  of  integers 
ax  +  by  is  unique. 

Suppose that both d_1 and d_2 are greatest common divisors of the set
ax + by and that they are positive. Then, according to the definition,
d_1 | d_2 and d_2 | d_1. Consequently, d_1 ≤ d_2, and d_2 ≤ d_1, so that d_1 = d_2.

It follows, then, that the greatest common divisor of a and b is the least
positive integer in the set ax + by and that d = (a, b) can be expressed
as a linear function of a and b with integral coefficients. Thus 4 =
(12, 20) can be written 4 = 12(2) + 20(-1) = 12(-18) + 20(11).

The fact that the greatest common divisor of any two rational integers
a and b, where not both are zero, can be written in the form ax + by with
x and y rational integers is an important characteristic of the set of
rational integers. Not all sets of integers have this property. Consider,
for instance, the set of even rational integers. Although the integers 4 and
6 have the greatest common divisor 2 which is in this particular set, 2
cannot be written in the form 2 = 4x + 6y, where x and y are selected
from the set of even integers.

Theorem 2-5. The set of integers ax + by consists of all the multiples
of d = (a, b).

It has been shown that every integer of the set ax + by is a multiple of
d. Moreover, every multiple of d = ax_0 + by_0 is in the set, for k(ax_0 +
by_0) = a(kx_0) + b(ky_0). Therefore, all and only multiples of d are
members of the set defined by ax + by.

It  is  interesting  to  notice  that  because  d  is  not  zero,  the  set  ax  +  by 
never  consists  of  just  one  integer.  Furthermore,  the  sum  and  difference 
of  any  two  integers  defined  by  ax  +  by  are  also  in  this  set. 

Any  set  of  at  least  two  elements  is  called  a  modul  if  its  elements  obey 
the  associative  and  commutative  laws  for  addition  and  if  the  equation 
a  +  b  =  c  is  satisfied  by  an  element  of  the  set  whenever  two  of  the  three 
elements  a,  b,  c  are  chosen  from  the  set.  It  is  now  apparent  that  the 
integers  ax  +  by  form  a  modul. 


EXERCISES 

1. Describe the set of integers 3x + 6y.

2.  Use  the  form  ax  +  by  to  define  a  set  of  integers  all  of  which  are  even. 

3.  Use  the  form  ax  +  by  to  define  a  set  of  integers  that  are  multiples  of  5.  Are 
all  multiples  of  5  included? 

4.  Use  the  linear  form  in  two  variables  to  determine  a  set  of  even  integers  that  are 
multiples  of  5. 

5.  When  will  the  set  ax  +  by  include  all  the  integers? 

2-2.  The  Diophantine  Equation  ax  +  by  =  n.  Diophantus  (c.  275) 
was  the  one  Greek  mathematician  of  note  who  devoted  himself  to  algebra. 
He  solved  quadratic  equations  in  a  single  variable,  but  he  found  only  one 
answer  and  discarded  all  but  positive  rational  numbers  as  solutions.  He 
even considered types of quadratics in two unknowns and two simultaneous
equations of this kind. He is credited with enlarging the concept
of  number  to  include  the  fractions.  Because  he  sometimes  restricted  his 
solutions  to  integers,  his  name  is  now  attached  to  the  kind  of  equation 
defined  below.  Diophantus  developed  no  general  method  for  the  solution 
of  these  equations,  however.  It  was  not  until  the  Hindus  attacked  the 
problem  that  such  general  methods  were  devised. 

A Diophantine equation is a rational integral algebraic equation in
which the coefficients of the variables and the absolute term are integers
and of which the solutions, or values of the variable or variables that
satisfy the equation, must be integers. Such an equation would be used
to solve the problem: In how many ways can $25 be paid in five-dollar
bills and two-dollar bills?

Theorem 2-6. The linear Diophantine equation ax + by = n has a
solution if and only if the greatest common divisor of a and b divides n.

Since we have shown that d = (a, b) divides ax + by for all integral
values of x and y, if ax + by = n has a solution, d divides n.

If d divides n, let n = n_0 d. Because d has been proved to be an integer
of the set ax + by, it follows that n = n_0(ax_0 + by_0) = a(n_0 x_0) + b(n_0 y_0).
This result shows that x = n_0 x_0, y = n_0 y_0 is a solution of the equation.

Corollary. A necessary and sufficient condition that a and b be relatively
prime is that there be a solution of the linear Diophantine equation
ax + by = 1.

The preceding proof also implies that if (a, b) = d and ax + by = n
has a solution x = x_0, y = y_0, then this very pair satisfies a_0 x + b_0 y = n',
where a = a_0 d, b = b_0 d, n = n'd. Again, if (a, b) = 1, the equation
ax + by = n has a solution and that same solution holds for kax + kby =
kn. The problem of solving the equation ax + by = n is, therefore,
reduced to finding a general method for solving the equation in the case
where the coefficients of the variables are relatively prime.

Theorem  2-7.  If  m  divides  ab,  and  m  and  a  are  relatively  prime,  then 
m  divides  b. 

Since (m, a) = 1, the equation mx + ay = 1 has a solution x = x_1,
y = y_1. Then

b(mx_1 + ay_1) = b
and

mbx_1 + aby_1 = b

But m | mb, and m | ab. Therefore, m | b.

Observe that Theorem 2-7 holds even when m = 0, for then if (m, a) =
1, it is necessary that a = ±1. But m | ab implies that ab = 0. Consequently,
b = 0, and m | b.

Notice also that if m ≠ ±1 is prime to an integer n, then m does not
divide n. On the other hand, if m does not divide n, the integers m and n
need not be relatively prime; for example, 6 ∤ 15, but (6, 15) = 3.

Corollary 1. If m is prime to both a and b, then m is prime to ab.

Corollary 2. If m is prime to a_1, a_2, . . . , a_k, then m is prime to their
product.

EXERCISES 

1. Prove that the product of three consecutive integers is divisible by 6.
Let P = n(n + 1)(n + 2). Then P is divisible by both 2 and 3. Hence, P = 2k
= 3m. But (2, 3) = 1, and 2 | 3m. Therefore, 2 | m. Thus m = 2s, and P =
3(2s) = 6s.

2. Show that n(n^2 - 1) is a multiple of 24 if n is odd.

3. Show that n^5 - n is a multiple of 30.

4. If n^2 is divisible by 3 but not by 4, then n^2 - 1 is divisible by 4.

5. Prove that √2 is irrational.

A number is rational if and only if it can be expressed as a quotient a/b of two
rational integers with the denominator b different from zero. Hence, assume that
√2 = a/b with (a, b) = 1. From 2b^2 = a^2 we see that b | a^2. Now apply Theorem
2-7, and show a contradiction.

6. Prove that √3 and ∛2 are irrational.

7. When m is a positive integer, prove that if √m is not an integer, it is irrational.

8. If the sum of two fractions a/b + c/d in their lowest terms is an integer,
b = +d or -d.

9. If (a, b) = 1 and c > 0, then (ac, bc) = c.

10. If (a, b) = 1, the greatest common divisor of a + b and a - b is either 1 or 2.
Notice that (a + b) - (a - b) = 2b and (a + b) + (a - b) = 2a. Furthermore,
(2a, 2b) = 2. Thus d = (a + b, a - b) is a divisor of 2.

11. If (a, b) = 1, the greatest common divisor of a^2 + b^2 and a + b is either 1 or 2.

12. Show that if (a, b) = 1, the greatest common divisor of a^3 + b^3 and a^2 + b^2 is
a divisor of a - b.

Theorem 2-8. The greatest common divisor d of a finite set of integers
a_1, a_2, . . . , a_n can be expressed in the form

a_1 x_1 + a_2 x_2 + · · · + a_n x_n = d

where the x_i, for i = 1, 2, . . . , n, are integers.

Let us start with the integers a_1, a_2, and a_3, and let d_1 = (a_1, a_2). Then
y_1 and y_2 exist so that

a_1 y_1 + a_2 y_2 = d_1

Any common divisor of a_1, a_2, and a_3 must be a common divisor of d_1 and
a_3, and hence a divisor of d_2 = (d_1, a_3). But d_2 is itself a common divisor
of a_1, a_2, and a_3, and therefore d_2 is the greatest common divisor of these
three integers. Since integers z_1 and z_2 exist so that

d_1 z_1 + a_3 z_2 = d_2
we have

(a_1 y_1 + a_2 y_2)z_1 + a_3 z_2 = d_2
and finally

a_1 x_1 + a_2 x_2 + a_3 x_3 = d_2

Using induction, we can similarly raise the number of the integers in the
set to n.

Furthermore, as in Theorem 2-6, we can now show that when d =
(a_1, a_2, . . . , a_n) and d | m, there exist integers x'_i, where i = 1, 2, . . . ,
n, that satisfy the equation a_1 x_1 + a_2 x_2 + · · · + a_n x_n = m and that
if such an equation has a solution in integers, d | m.

Corollary. If d_1 is the greatest common divisor of a_1, a_2, . . . , a_k,
then the greatest common divisor of a_1, a_2, . . . , a_k, a_(k+1) is the greatest
common divisor of d_1 and a_(k+1).

Theorem 2-9. If a and b are relatively prime and x = x_0, y = y_0 is a
solution of the equation ax + by = n, all solutions are given by the
equations x = x_0 + kb, y = y_0 - ka for all integral values of k.

Supposing that both pairs of integers x_0, y_0 and x', y' satisfy ax +
by = n, we have

ax_0 + by_0 = n
and

ax' + by' = n
so that

a(x' - x_0) + b(y' - y_0) = 0
and

a(x' - x_0) = -b(y' - y_0)

Since (a, b) = 1, provided that b ≠ 0, it follows that b | (x' - x_0) and
therefore that x' - x_0 = kb, or x' = x_0 + kb. Substituting kb for
x' - x_0, we obtain

akb = -b(y' - y_0)

After applying the cancellation law, we find that y' = y_0 - ka. If b = 0,
the original equation is clearly trivial.

That the integers x = x_0 + kb, y = y_0 - ka satisfy ax + by = n for
all integral values of the parameter k can be determined by substituting
them in the given equation.

2-3. A Method for Finding a Solution of ax + by = n. If (a, b) = d
and d | n, we have shown that, by dividing each term of the equation
ax + by = n by d, we obtain an equivalent equation, that is, one which
is satisfied by all and only the solutions of the original equation.
Consequently, it will be sufficient to solve the equation ax + by = n when
(a, b) = 1.

If a | n, so that n = n_0 a, let y = 0 and x = n_0, and the equation is
satisfied.

If a ∤ n, then a ≠ ±1 and we may suppose that 1 < |a| < |b|. Then

b = q_1 a + r_1        0 < r_1 < |a|
and

n = q_2 a + r_2        0 < r_2 < |a|
Therefore,

ax + (q_1 a + r_1)y = q_2 a + r_2

Since a solution of ax + by = n exists, r_1 y - r_2 is a multiple of a; that is,
r_1 y + az = r_2. If r_1 | r_2, choose z = 0, and y is thus determined. Then
by substituting in the original equation, a value for x is found. But if
r_1 ∤ r_2, proceed as before, using y and z as the variables and r_1 as the
divisor since r_1 < |a|. Therefore, where

a = q_3 r_1 + r_3        0 < r_3 < r_1
and

r_2 = q_4 r_1 + r_4        0 < r_4 < r_1

we have

r_1 y = q_4 r_1 + r_4 - (q_3 r_1 + r_3)z

and, as above,

r_3 z + r_1 w = r_4

If we continue in this manner, we find that |a| > r_1 > r_3 > · · · >
r_(2s-1) > 0. Each of the remainders r_(2k+1) and r_(2k+2) determined when
r_(2k-3) and r_(2k), respectively, are divided by r_(2k-1) is less than r_(2k-1). We see,
therefore, that each new set of two nonnegative remainders has an upper
bound r_(2k-1) which is smaller than the upper bound of the preceding set of
two. Within a finite number of steps the process will necessarily end, for
some r_(2k-1) will divide r_(2k). Supposing that this happens when k = s, the
equation r_(2s-1) u + r_(2s-3) v = r_(2s) will be solved by letting v = 0 and u = m,
where r_(2s) = m r_(2s-1). The original variables can then be determined by
substitution.

Example. Solve the Diophantine equation 69x + 111y = 9000.

Solution. Since (69, 111) = 3, we solve the equivalent equation
23x + 37y = 3000. Thus

23x + (23 + 14)y = (130)(23) + 10
Hence,

14y + 23z = 10
and

14y + (14 + 9)z = 10
so that

9z + 14w = 10
Again,

9z + (9 + 5)w = 9 + 1
and

5w + 9v = 1
Therefore,

5w + (5 + 4)v = 1
and

4v + 5s = 1
Finally,

4v + (4 + 1)s = 1
so that

s = 1

Therefore, v = -1, w = 2, z = -2, y = 4, and x = 124. Consequently,
all the solutions of the original equation are of the form

x = 124 + 37k
y = 4 - 23k

If we wish only the positive integers that satisfy the given equation,
we take

124 + 37k > 0
and

4 - 23k > 0
so that

4/23 > k > -124/37

Hence, k can have only the values -3, -2, -1, and 0.
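
The reduction of Section 2-3 together with Theorems 2-6 and 2-9, written out as an added Python example (it is not part of the original text). The function names euclid_div, solve_coprime, solve and positive_solutions are chosen here for illustration; the sample equation is the one worked above.

```python
from math import gcd


def euclid_div(a, b):
    """Theorem 1-14: return (m, r) with a == b*m + r and 0 <= r < |b|."""
    if b == 0:
        raise ValueError("b must be nonzero")
    m, r = divmod(a, b)           # Python's remainder takes the sign of b
    if r < 0:                     # only possible when b < 0
        m, r = m + 1, r - b
    return m, r


def solve_coprime(a, b, n):
    """One solution (x, y) of a*x + b*y == n, assuming (a, b) == 1."""
    if abs(a) > abs(b):           # the text supposes |a| < |b|; swap roles if not
        y, x = solve_coprime(b, a, n)
        return x, y
    if a == 0:                    # then b is +1 or -1 because (a, b) == 1
        return 0, n * b
    if n % a == 0:                # a | n: take y = 0 and x = n / a
        return n // a, 0
    q1, r1 = euclid_div(b, a)     # b = q1*a + r1
    q2, r2 = euclid_div(n, a)     # n = q2*a + r2
    # a*(x + q1*y - q2) + r1*y = r2, that is, r1*y + a*z = r2 with the
    # smaller divisor r1; solve that equation in y and z first.
    y, z = solve_coprime(r1, a, r2)
    return z - q1 * y + q2, y     # undo the substitution z = x + q1*y - q2


def solve(a, b, n):
    """Return (x0, y0, dx, dy): every solution of a*x + b*y == n is
    (x0 + k*dx, y0 + k*dy) for integral k (Theorem 2-9).
    Return None when (a, b) does not divide n (Theorem 2-6)."""
    d = gcd(a, b)
    if d == 0:
        raise ValueError("a and b must not both be zero")
    if n % d:
        return None
    a0, b0, n0 = a // d, b // d, n // d   # equivalent equation, (a0, b0) = 1
    x0, y0 = solve_coprime(a0, b0, n0)
    return x0, y0, b0, -a0


def positive_solutions(a, b, n):
    """All solutions with x > 0 and y > 0, for a > 0 and b > 0."""
    if a <= 0 or b <= 0:
        raise ValueError("a and b must be positive so that the list is finite")
    sol = solve(a, b, n)
    if sol is None:
        return []
    x0, y0, dx, dy = sol                  # dx = b/d > 0 and dy = -a/d < 0
    k_min = (-x0) // dx + 1               # least k with x0 + k*dx > 0
    k_max = -((-y0) // (-dy)) - 1         # greatest k with y0 + k*dy > 0
    return [(x0 + k * dx, y0 + k * dy) for k in range(k_min, k_max + 1)]


if __name__ == "__main__":
    print(solve(69, 111, 9000))               # the worked example above
    print(positive_solutions(69, 111, 9000))  # k = -3, -2, -1, 0
```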

EXERCISES 

Solve  the  equations  and  determine  the  number  of  solutions  for  which  both  x  and 
y  are  positive. 

1. 16x + 7y = 601.  2. 14x - 45y = 11.

3. 75x + 91y = 320.  4. 56x - 50y = 74.

5. 40x - 63y = 135.  6. 123x + 57y = 393.

7. 77x + 165y = 3553.

8.  Separate  1591  into  two  parts  such  that  one  part  is  a  multiple  of  23  and  the  other 
a  multiple  of  34. 

2-4.  The  Solution  of  the  Linear  Diophantine  Equation  in  More  than 
Two  Variables.  A  single  linear  Diophantine  equation  in  more  than  two 
variables  or  a  simultaneous  set  of  such  equations  can  be  solved  very 
expeditiously,  when  there  is  a  solution,  by  the  reduction  of  the  augmented 
matrix of the equation or system of equations to a canonical form.* This
method  enables  us  to  determine  a  linear  transformation  the  application 
of  which  substitutes  for  the  original  equation  or  equations  a  set  of  one  or 
more  equations  which  is  easily  solved.  We  shall  not  develop  any  of  this 
theory,  but  we  shall  show  in  the  case  of  a  single  equation  in  three  variables 
how  a  linear  transformation  can  be  used  to  facilitate  the  finding  of  the 
solutions. 

Consider  the  equation 

d\X  +  a2y  +  azz  =  m  (1) 

If  (ai,  a2,  a3)  =  d,  there  is  no  solution  unless  d  \  m.  Supposing  that  d  \  m, 
to  find  the  solutions  we  should  first  divide  each  member  of  the  equation 
by  d.  Therefore,  let  us  assume  that  (ah  a2,  a3)  =  1.  Then  if  d\  = 
(ah  a2),  it  is  necessary  and  sufficient  that  d\  divide  azz  —  m  in  order  that 
there  be  a  solution  of  the  given  equation.     But  (a3,  di)  =  1,  and  therefore 

atf  +  dit  =  m 

has  the  solutions  z  =  20  —  diw,  t  =  t0  +  azw,  where  z  =  z0,  t  =  to  is  one 

*  H.  J.  S.  Smith,  "Collected  Mathematics  Papers,"  Vol.  1,  Oxford  University  Press, 
New  York,  1894. 
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solution.     Hence,  z0  —  diw,  for  all  integral  values  of  the  parameter  w, 
gives  all  and  only  values  of  z  for  which  a3z  —  m  is  a  multiple  of  d\. 
Now  consider  the  linear  transformation 


(2) 


x  =  biu  +  b2v 
y  =  c\U  +  c2v 

We, of course, wish $u$ and $v$ to be integers, and we know that

$$u = \frac{c_2 x - b_2 y}{b_1 c_2 - b_2 c_1}, \qquad v = \frac{b_1 y - c_1 x}{b_1 c_2 - b_2 c_1}$$

Therefore, any choice of integral values for $b_1$, $b_2$, $c_1$, $c_2$ that makes

$$b_1 c_2 - b_2 c_1 = 1$$

will force $u$ and $v$ to be integers since $x$ and $y$ have only integral values.
Applying this transformation (2) to the original equation (1), and
substituting $z = z_0 - d_1 w$, the resulting equation is

$$a_1(b_1 u + b_2 v) + a_2(c_1 u + c_2 v) + a_3(z_0 - d_1 w) = m$$

or

$$(a_1 b_1 + a_2 c_1)u + (a_1 b_2 + a_2 c_2)v - a_3 d_1 w = d_1 t_0 \tag{3}$$

since

$$a_3 z_0 + d_1 t_0 = m$$

Because we introduced two independent variables $u$ and $v$, we are permitted
to impose a second condition upon the coefficients of the transformation.
We, therefore, set

$$a_1 b_2 + a_2 c_2 = 0$$

Since $(a_1, a_2) = d_1$, let $a_1 = a_{01} d_1$, $a_2 = a_{02} d_1$, and then

$$a_{01} d_1 b_2 = -a_{02} d_1 c_2$$

or

$$a_{01} b_2 = -a_{02} c_2$$

Let us, therefore, choose $b_2 = -a_{02}$ and $c_2 = a_{01}$. Then the condition
$b_1 c_2 - b_2 c_1 = 1$ becomes

$$a_{01} b_1 + a_{02} c_1 = 1$$

and this equation determines $b_1$ and $c_1$ since $(a_{01}, a_{02}) = 1$. Choose a set
of values so determined for $b_1$ and $c_1$ in which neither $b_1$ nor $c_1$ is zero.
Now if we multiply each member of the last equation by $d_1$, we have

$$a_1 b_1 + a_2 c_1 = d_1$$

and therefore the transformed equation (3) takes the form

$$d_1 u - a_3 d_1 w = d_1 t_0$$

and

$$u = t_0 + a_3 w$$

which is the same as the value found for $t$. Then by eliminating $u$ from
Eqs. (2) for $x$ and $y$, we find that the solutions of the original equation are
of the form

$$\begin{aligned}
x &= b_1 t_0 - a_{02} v + a_3 b_1 w \\
y &= c_1 t_0 + a_{01} v + a_3 c_1 w \\
z &= z_0 - d_1 w
\end{aligned}$$

where  v  and  w  are  the  parameters.  That  all  these  values  of  x,  y,  and  z 
determined  by  integral  values  of  the  parameters  satisfy  the  equation  is 
easily  verified. 

It  is  evident  that  the  solution  of  a  Diophantine  equation  in  four 
variables  can  now  be  made  to  depend  upon  the  solution  of  one  with  three 
variables  in  the  same  manner  as  we  have  used  equations  in  two  variables 
in  the  above  development  to  solve  an  equation  in  three  variables. 

Example. Solve: $6x + 24y - 41z = 91$.

Solution. $(6, 24) = 6$, and $-41z + 6t = 91$ has the solutions $z = 1 - 6w$,
$t = 22 - 41w$. The equations $a_1 b_2 + a_2 c_2 = 0$ and $b_1 c_2 - b_2 c_1 = 1$
become $6b_2 + 24c_2 = 0$ and $b_1 + 4c_1 = 1$, so that $b_2 = -4$, $c_2 = 1$;
$b_1 = -3$, $c_1 = 1$. Since $u = t$, it is easy to compute the answer in the
form $x = -3(22 - 41w) - 4v = -66 + 123w - 4v$, $y = 22 - 41w + v$,
$z = 1 - 6w$.

2-5. Simultaneous Linear Diophantine Equations. A set of two equations
in three variables may or may not have a solution in integers. Consider
the set

$$\begin{aligned}
a_1 x + a_2 y + a_3 z &= m_1 \\
b_1 x + b_2 y + b_3 z &= m_2
\end{aligned} \tag{4}$$

If $(a_1, a_2, a_3) = d_1$ does not divide $m_1$ or if $(b_1, b_2, b_3) = d_2$ fails to divide
$m_2$, there is, of course, no solution for the set. But even when these
conditions are fulfilled, there need not be a common solution. Take, for
instance, the set

$$\begin{aligned}
2x + 3y + z &= 7 \\
2x - y + 3z &= 8
\end{aligned}$$

If the second equation is subtracted from the first, the result is

$$4y - 2z = -1$$

Any $y$ and $z$ that, together with an $x$, satisfy the given set must satisfy this
equation, but because $(4, 2) = 2$, the equation has no solution whatever.

When each individual equation has a solution, we can always determine
the common solutions, if they exist, by solving one equation and
substituting these values in the second. Thus, when the solutions of the
equation

$$a_1 x + a_2 y + a_3 z = m_1 \tag{5}$$

are

$$\begin{aligned}
x &= r_1 + s_1 v + t_1 w \\
y &= r_2 + s_2 v + t_2 w
\end{aligned} \tag{6}$$

z  =  r3  +  s3^ 

with parameters $v$ and $w$, upon substituting these expressions in
$b_1 x + b_2 y + b_3 z = m_2$, we obtain an equation of the form

$$Aw + Bv = C$$

The given equations have a common solution if and only if this last
equation is solvable. Suppose the solutions exist and are of the form

$$\begin{aligned}
w &= w_0 + B_1 t \\
v &= v_0 + A_1 t
\end{aligned}$$

When these values are substituted in the solutions (6) of the first equation
(5), the common solutions of (4) take the form

$$\begin{aligned}
x &= X_0 + K_1 t \\
y &= Y_0 + K_2 t \\
z &= Z_0 + K_3 t
\end{aligned}$$

where there is but one parameter $t$.

Example. Solve the set of equations: $6x + 24y - 41z = 91$,
$2x - 3y + 7z = 2$.

Solution. Substituting in the second equation the solutions of the
first one arrived at in the preceding example, we have
$2(-66 + 123w - 4v) - 3(22 - 41w + v) + 7(1 - 6w) = 2$, or $327w - 11v = 193$.
Hence $w = -2 + 11k$, and $v = -77 + 327k$. Therefore
$x = -66 + 123(-2 + 11k) - 4(-77 + 327k) = -4 + 45k$;
$y = 22 - 41(-2 + 11k) + (-77 + 327k) = 27 - 124k$;
$z = 1 - 6(-2 + 11k) = 13 - 66k$.
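The transformation of Section 2-4 and the substitution of Section 2-5 can be carried out mechanically. The Python sketch below is an added example, not part of the original text; the names `solve2`, `solve3` and `solve_pair` are hypothetical, and it assumes $a_1$ and $a_2$ are not both zero.

```python
from math import gcd


def solve2(a, b, c):
    """All integer solutions of a*x + b*y = c.

    Returns (x0, y0, dx, dy), meaning x = x0 + dx*k and y = y0 + dy*k for
    every integer k, or None when (a, b) does not divide c.
    """
    g = gcd(a, b)
    if g == 0:
        raise ValueError("a and b must not both be zero")
    if c % g:
        return None
    a, b, c = a // g, b // g, c // g
    if b == 0:                       # a is +1 or -1, so x is forced
        return (c * a, 0, 0, -a)
    n = abs(b)
    # Least non-negative x0 with a*x0 = c (mod |b|); pow(.., -1, n) needs 3.8+
    x0 = (c * pow(a % n, -1, n)) % n if n > 1 else 0
    return (x0, (c - a * x0) // b, b, -a)


def solve3(a1, a2, a3, m):
    """Section 2-4: all solutions of a1*x + a2*y + a3*z = m.

    Returns (P, V, W) with (x, y, z) = P + v*V + w*W for integers v and w,
    or None when (a1, a2, a3) does not divide m.
    """
    if a1 == 0 and a2 == 0:
        raise ValueError("this sketch assumes a1 and a2 are not both zero")
    d = gcd(gcd(a1, a2), a3)
    if m % d:
        return None
    a1, a2, a3, m = a1 // d, a2 // d, a3 // d, m // d   # now (a1, a2, a3) = 1
    d1 = gcd(a1, a2)
    a01, a02 = a1 // d1, a2 // d1
    z0, t0, _, _ = solve2(a3, d1, m)      # a3*z0 + d1*t0 = m
    # Any solution of a01*b1 + a02*c1 = 1 yields a valid parametrisation; this
    # takes the least non-negative b1, so the values can differ from the book's.
    b1, c1, _, _ = solve2(a01, a02, 1)
    P = (b1 * t0, c1 * t0, z0)            # the point with v = w = 0
    V = (-a02, a01, 0)                    # b2 = -a02, c2 = a01
    W = (a3 * b1, a3 * c1, -d1)
    return P, V, W


def dot(p, q):
    return sum(pi * qi for pi, qi in zip(p, q))


def solve_pair(eq1, m1, eq2, m2):
    """Section 2-5: common solutions of eq1.(x,y,z) = m1 and eq2.(x,y,z) = m2.

    Returns (point, direction) with (x, y, z) = point + k*direction for every
    integer k, or None when there is no common solution.
    """
    first = solve3(*eq1, m1)
    if first is None:
        return None
    P, V, W = first
    # Substituting P + v*V + w*W into the second equation gives A*w + B*v = C.
    A, B, C = dot(eq2, W), dot(eq2, V), m2 - dot(eq2, P)
    if A == 0 and B == 0:
        if C == 0:
            raise ValueError("every solution of the first equation satisfies "
                             "the second; two parameters remain")
        return None
    vw = solve2(B, A, C)
    if vw is None:
        return None
    v0, w0, dv, dw = vw
    point = tuple(p + v0 * s + w0 * t for p, s, t in zip(P, V, W))
    direction = tuple(dv * s + dw * t for s, t in zip(V, W))
    return point, direction


if __name__ == "__main__":
    # The two worked examples and the unsolvable set from Section 2-5.
    print(solve3(6, 24, -41, 91))
    print(solve_pair((6, 24, -41), 91, (2, -3, 7), 2))
    print(solve_pair((2, 3, 1), 7, (2, -1, 3), 8))
```

For the first example the base point is (22, 0, 1) rather than the book's (-66, 22, 1); both describe the same family, since the book's point is reached with v = 22, w = 0.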

EXERCISES 

1. Solve: $2x - 5y + 3z = 17$.

2. Solve: $3x - 6y + 2z = 11$.

3. Solve: $10x + 16y - 4z = 48$.

4. Solve: $127x + 319y - 43z = 521$.

5. Solve the set: $2x + 2y + 7z = 22$, 7x - 4y - hz = 29.

6. Solve the set: $x + 3y - z = 11$, $5x - 5y - 3z = 33$.

7.  A  room  has  100  seats.  How  many  men,  women,  and  children  should  be  admitted 
to  realize  exactly  $10  if  the  men  will  pay  50  cents  each;  the  women,  20  cents  each;  and 
the  children,  1  cent  each? 

8.  If  100  pieces  of  money  in  denominations  of  50  cents,  $5,  and  $10  are  to  amount  to 
$100,  how  many  of  each  denomination  must  there  be? 


CHAPTER  3 
PROPERTIES  OF  INTEGERS 


3-1.  The  Composite.  Perhaps  one  of  the  facts  with  which  you  are 
most  familiar  is  that  a  composite  has  a  prime  factor,  but  have  you  ever 
proved  it? 

Theorem  3-1.     Every  composite  has  a  prime  factor. 

Because any negative integer can be expressed as the product of its
positive associate and the unit $-1$, we shall assume that the composite $m$
is positive. Since $m$ is neither a unit nor a prime, it has a factor that is
not a unit or an associate of $m$. Therefore, let $m = f_1 f_2$, where both
factors are positive. Then $f_1 < m$, and $f_1$ is either a prime or another
composite. If $f_1$ is a prime, the theorem is complete, but if $f_1$ is a
composite, it, in turn, has a factor other than an associate or a unit. Then
$f_1 = f_3 f_4$, where $0 < f_3 < f_1$. If $f_3$ is not a prime, the line of reasoning
continues in the above manner, but only for a finite number of steps, for
since

$$m > f_1 > f_3 > \cdots > 0$$

we must arrive at a positive factor $f_{2n-1}$ that is divisible only by its
associates and the units. The integer $f_{2n-1}$ is, therefore, a prime, and by
substitution it is obviously shown to be a factor of $m$.

3-2.  The  Sieve  of  Eratosthenes  (c.  230  B.C.).  It  is  evident  that  one 
way  to  test  whether  or  not  a  positive  integer  m  is  a  prime  would  be  to 
write  all  the  integers  from  1  through  m;  then  to  leave  2,  and  strike  out 
every  second  integer  thereafter;  next  to  leave  3,  and  strike  out  every  third 
integer  thereafter;  generally,  to  leave  the  next  unstruck  integer  p,  and 
strike  out  every  pth  integer  thereafter.  Each  integer  except  1  that  is  not 
crossed  off  by  this  process  is  obviously  a  prime.  For  how  long  must  this 
process  be  continued  before  we  know  that  m  is  a  prime?  Eratosthenes 
answered  this  question  by  means  of  the  following  theorem  and  thus 
presented  a  useful  test  for  a  prime: 

Theorem 3-2. A positive integer $m$ is prime if it has no positive prime
factor less than or equal to $l$, where $l$ is the greatest integer such that $l^2$
is less than or equal to $m$.

Suppose that $m$ is not a prime but is a composite. Then $m$ has a prime
factor. This prime factor $p$ must be greater than $l$ according to the
hypothesis of the theorem. But when $m = pf$, the complementary factor
$f$ must also be greater than $l$, for if it were not, a prime factor of it, which
would necessarily be a prime factor of $m$, would be less than or equal to $l$.
Therefore, both $p$ and $f$ are at least equal to $l + 1$, and $m = pf$ shows
that

$$m \ge (l + 1)^2$$

This statement is contrary to the hypothesis which says that $(l + 1)^2 > m$,
and hence $m$ is a prime.

Example. To test 2503 to see whether or not it is a prime, we try to
divide 2503 by the primes 2, 3, 5, through 47, since in this case $l$ is 50.
Because none of these primes is a divisor of 2503, this integer is a prime.
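The sieve of Section 3-2 and the bound of Theorem 3-2 together give a complete test, including the boundary case $m = l^2$. The Python sketch below is an added example, not part of the original text; the function names are hypothetical.

```python
from math import isqrt


def sieve(limit):
    """Primes from 2 through limit, found by striking out multiples."""
    struck = [False] * (limit + 1)
    primes = []
    for p in range(2, limit + 1):
        if struck[p]:
            continue
        primes.append(p)              # p is left standing ...
        for multiple in range(2 * p, limit + 1, p):
            struck[multiple] = True   # ... and every p-th integer after it goes
    return primes


def trial_primes(m):
    """The primes Theorem 3-2 asks us to try: those not exceeding l."""
    l = isqrt(m)                      # greatest integer l with l*l <= m
    return sieve(l)


def smallest_prime_factor(m):
    """Smallest prime factor of m >= 2; equals m exactly when m is prime."""
    if m < 2:
        raise ValueError("m must be at least 2")
    for p in trial_primes(m):
        if m % p == 0:
            return p
    return m                          # no prime factor <= l, so m is prime


if __name__ == "__main__":
    print(isqrt(2503), trial_primes(2503)[-1])   # l and the last prime tried
    print(smallest_prime_factor(2503))           # the book's example
    print(smallest_prime_factor(2 ** 11 - 1))    # the composite 2^11 - 1
    print(smallest_prime_factor(49))             # m = l^2: l itself must be tried
```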

3-3. The Number of Primes. Euclid included the following theorem
in his "Elements."

Theorem  3-3.     The  number  of  primes  is  infinite. 

So  that  we  may  understand  the  method  of  this  proof,  let  us  recall  that  a 
set  of  elements  is  said  to  be  infinite  if  it  has  a  proper  subset,  that  is,  a 
subset  different  from  the  whole  set,  which  can  be  put  into  one-to-one 
correspondence  with  the  whole  set.  Otherwise,  a  set  is  said  to  be  finite. 
Consequently,  if  it  can  be  shown  that,  in  addition  to  a  finite  subset  of  a 
set,  there  is  always  another  element  that  belongs  to  the  set,  the  set  is 
infinite. 

Suppose  that  the  number  of  primes  is  finite.  Then  there  is  a  largest 
prime  p.  Form  the  integer  N  by  taking  the  product  of  all  the  primes 
from 2 through $p$ and adding the integer 1; thus

$$N = (2 \cdot 3 \cdot 5 \cdots p) + 1$$

N  is  either  a  prime  or  a  composite.  But  if  N  is  a  prime,  it  is  greater  than 
p,  which  is  contrary  to  the  assumption.  If  N  is  a  composite,  it  has  a  posi- 
tive prime  factor.  This  factor  is  not  one  of  the  primes  in  the  set  2,  3, 
5,  .  .  .  ,  p,  or  according  to  the  distributive  law  it  would  divide  1,  which  is 
impossible.  Consequently,  it  is  a  prime  larger  than  p.  Because  we  have 
shown  that  when  we  assume  the  number  of  primes  is  finite,  we  can  always 
find  a  positive  prime  that  was  not  previously  counted,  the  number  of 
primes  is  infinite. 

It is evident, moreover, that Euclid's proof shows that if $p_1, p_2, \ldots, p_r$
are the first $r$ primes, the next prime lies in the interval from $p_r + 1$
through $p_1 p_2 \cdots p_r + 1$.* This interval provided one of the first
answers to the question, Where is the next prime larger than a given
prime?

* D. N. Lehmer has compiled a "List of Prime Numbers from 1 to 10,006,721,"
Carnegie Institution of Washington, Washington, D.C., 1914.

Theorem 3-4. The number of primes of the form $4n - 1$ is infinite.

Suppose the number of positive primes of the form $4n - 1$ is finite, and
let $p$ be the largest one of them. Determine all such primes from 1
through $p$, and form their product. Then construct the integer $N$ by
multiplying this product by 4 and subtracting 1 from the result. Thus

$$N = (4 \cdot 3 \cdot 7 \cdots p) - 1$$

If $N$ is a prime, it is one of the form $4n - 1$ that was not previously
counted, for it is larger than $p$. But if $N$ is a composite, it has an odd
prime factor. Consequently, this factor has the form $4n - 1$ or $4n + 1$.
If it is of the form $4n - 1$, it is not one of the primes from 1 through $p$, or
by the distributive law it would divide 1, and that is impossible.
Therefore, if the prime factor is of this form, it is a prime larger than $p$. But
if the prime factor of $N$ has the form $4n + 1$, there is a complementary
factor of the form $4n - 1$, for the complementary factor must also be odd,
and the product

$$(4s + 1)(4t + 1) = 4k + 1$$

does not yield the form $4n - 1$, whereas the product

$$(4s + 1)(4t - 1) = 4k - 1$$

does. We observe immediately that this complementary factor $4t - 1$
has a prime factor.

The argument is now repeated with reference to this last prime factor.
Since the size of each of the positive factors having the form $4n - 1$
decreases as the argument proceeds, we must finally arrive at a factor
having the form $4n - 1$ that has only itself and 1 as positive factors.
This integer is, therefore, a prime. It is of the proper form, and it is not
one of the primes from 1 through $p$. It is, therefore, larger than $p$, and,
as a result, the number of primes of the form $4n - 1$ is infinite.

Dirichlet (1805-1859) showed by using advanced methods that the
arithmetic progression determined by $an + b$, where $a$ and $b$ are fixed
integers and $(a, b) = 1$, while $n$ has all integral values, contains an infinite
number of primes. Although for many years elementary proofs were
known for special cases of this theorem, such as $4n - 1$, no proof of
the general theorem that did not make use of the methods of analysis
employed by Dirichlet had been developed until 1949. About this time
certain mathematicians (Paul Erdős, Atle Selberg, H. N. Shapiro, and
H. Zassenhaus), working on the prime number theorem and in the theory
of algebraic numbers, developed methods that produce new proofs of
Dirichlet's theorem. These are, however, beyond the scope of this text.

Theorem 3-5. If $2^n - 1$ is a prime, $n$ is a prime.

Suppose that $n$ is a composite and that $n = n_1 n_2$, where $1 < n_1 < n$.
Then $2^{n_1 n_2} - 1$ has the factor $2^{n_2} - 1$ which is neither 1 nor $2^n - 1$.
Consequently, $n$ must be a prime if $2^n - 1$ is a prime.

Notice, however, that when $p$ is a prime, $2^p - 1$ need not be a prime,
for when $p = 11$, $2^{11} - 1$ has the factor 23.

EXERCISES 

1. Show that all primes except $\pm 2$, $\pm 3$ are represented by the forms $6n - 1$ and
$6n + 1$.

2. Show that there is an infinite number of primes of the form $6n - 1$.

3. Prove that $n^4 + 4$ is composite when $n > 1$.

4. Show that if $2^n + 1$ is an odd prime, $n$ is a power of 2.

5.  Determine  whether  or  not  1781  and  4079  are  primes. 

3-4. Unique Factorization. We have previously proved by means of
a rather long discussion that when $m \mid ab$ and $(m, a) = 1$, then $m \mid b$. In
the case where $m$ is a prime this theorem can also be proved in the
following manner:

Theorem  3-6.  If  p  is  a  prime  and  p  does  not  divide  a  or  b,  then  p  does 
not  divide  ab. 

Take $a$, $b$, and $p$ positive integers, and consider the case in which
$a < p$, and $b < p$. We shall prove that the prime $p$ does not divide $ab$
by assuming the contrary and showing that we arrive at an impossibility.
According to the principle of Archimedes there exists a positive integer $k$
such that for $a > 1$

$$ka < p < (k + 1)a$$

where the equality sign is omitted because $p$ is a prime. Therefore

$$0 < p - ka < a$$

and

$$0 < (p - ka)b < ab$$

But if $p$ divides $ab$, then $p$ divides $pb - kab$ and this positive integer is a
smaller multiple of $b$ than is $ab$. This argument leads to the conclusion
that there is always a positive multiple of $b$ that is divisible by $p$ and is at
the same time smaller than the one last found. Accordingly there would
be an infinite number of multiples of $b$ between $b$ and $ab$. The result is,
of course, impossible, and consequently $p \nmid ab$.

Suppose now that not both $a$ and $b$ are less than $p$. Then

$$\begin{aligned}
a &= m_1 p + r_1 \\
b &= m_2 p + r_2 \qquad 0 < r_1, r_2 < p
\end{aligned}$$

Thus

$$ab = Kp + r_1 r_2$$

and if $p \mid ab$, it follows that $p \mid r_1 r_2$, where both $r_1$ and $r_2$ are positive and
less than $p$. We know this division is impossible, and therefore $p \nmid ab$.
The result implies that if $p \mid ab$, $p$ divides at least one of $a$ and $b$.

Theorem 3-7. If $p$ is a prime and $p$ does not divide $a_i$, where $i = 1, 2,
\ldots, n$, then $p$ does not divide the product of the $a_i$.

If $p$ divides $a_1 a_2 \cdots a_n$, then $p$ divides $a_1$ or $a_2 a_3 \cdots a_n$. But $p$ does
not divide $a_1$, and so it divides $a_2 a_3 \cdots a_n$. In like manner $p$ divides
$a_2$ or $a_3 \cdots a_n$. Finally, $p$ would have to divide $a_n$, but it does not, and
therefore $p$ does not divide the given product.

Theorem  3-8.  Fundamental  theorem  of  arithmetic.  Except  for 
associated  primes  and  the  order  of  the  factors,  a  composite  can  be  factored 
into  primes  in  one  and  only  one  way. 

Assuming that $m$ is a positive composite, according to Theorem 3-1, $m$
has a positive prime factor $p_1$ so that $m = p_1 m_1$. If $m_1$ is not a prime, we
again apply this theorem and obtain $m_1 = p_2 m_2$ and $m = p_1 p_2 m_2$. Since
$m > m_1 > m_2 > \cdots > 0$, we need carry out this process only a finite
number of times until we have factored $m$ into positive primes. Thus
$m = p_1 p_2 \cdots p_n$.

Suppose that there is a second factorization of $m$ into positive primes so
that $m = q_1 q_2 \cdots q_r$, where $n \ge r$. Then

$$p_1 p_2 \cdots p_n = q_1 q_2 \cdots q_r$$

Therefore, $p_1$ divides the product $q_1 q_2 \cdots q_r$ and must divide one of the
primes $q_j$, where $j = 1, 2, \ldots, r$. Suppose $p_1$ divides $q_1$. The only
divisors of $q_1$ are $\pm 1$ and $\pm q_1$, and since $p_1$ and $q_1$ are positive primes,
$p_1 = q_1$. Hence,

$$p_2 p_3 \cdots p_n = q_2 q_3 \cdots q_r$$

Continuing this process, we see that when $n = r$, each $p_i$, where $i = 1,
2, \ldots, n$, is identical with a corresponding $q_j$, but when $n > r$, we
finally have

$$p_{r+1} \cdots p_n = 1$$

and each of the integers $p_{r+1}, \ldots, p_n$ must be a unit. Therefore, the
factorization of the positive composite $m$ into positive primes is unique.

It is obvious, then, that if we gather the equal primes together into the
power form $p^s$, any composite $m$ can be written in the form
$\pm p_1^{n_1} p_2^{n_2} \cdots p_r^{n_r}$, where the factorization is unique except for the use of an
associate in the place of any prime and the order of the factors.

The reader may well remember that an algebraic factorization of an
expression shows factors of all integers represented by the expression, and
the factorization may, therefore, be used to demonstrate a property of all
these integers. For instance, by using the factors $a + 1$ and $a - 1$, we
can show that, for $a > 2$, $a^2 - 1$ never represents a prime. In factoring
an integer that is written in polynomial form into the product of two
integers, however, one must recall that while the expression may not be
factorable algebraically into rational factors or may be factorable in just
one way besides itself and 1, a particular integer represented by the
expression may have several factorizations. It is evident that although
the expression $a^2 + 1$ lacks factors in our domain, yet, for the particular
value $a = 5$, $a^2 + 1 = 26$ has the factors 2 and 13. Again, an integer
represented by $a^2 - 1$ may have factors other than those given by the
only rational factors $a - 1$ and $a + 1$ of $a^2 - 1$. For instance, when
$a = 5$, $a^2 - 1 = 24$ and this integer has the factors 3 and 8, 2 and 12, as
well as 4 and 6. Hence, we must be careful to avoid drawing the
conclusion that an integer lacks factors just because the algebraic expression of
which it is a value fails to produce the factors.

EXERCISES 

1. Show that if both $x$ and $y$ are odd, there is no $z$ such that $x^2 + y^2 = z^2$.

2. Show that if $(a, b) = 1$ and $ab = c^n$, then $a = s^n$, $b = t^n$.

3.  Show  that  an  integer  can  be  represented  as  a  difference  of  two  squares  if  and  only 
if  it  is  of  the  form  2n  +  1  or  4n.  Show  also  that  the  representation  is  unique  when 
the  integer  is  a  prime. 

4.  Find  the  positive  integers  x  that  make  x(x  +  42)  a  perfect  square. 

5.  Find  the  positive  integers  x  that  make  x(x  +  84)  a  perfect  square. 

3-5. Fermat's Method of Infinite Descent. Although it was fairly
easy to show in Exercise 3 of the last set that a prime of the form $4k + 1$
can be represented uniquely as a difference of two squares, the problem of
expressing a prime of the form $4k + 1$ as a sum of two squares attracted
the attention of mathematicians for many years. Fermat claimed in
1641 that he had proved the theorem by the inductive method, called the
method of infinite descent, which was exhibited in the proof of Theorem
3-6. Thus he said, "If a prime $4n + 1$ is not a sum of two squares, there
is a smaller prime of the same nature, then a third still smaller, etc., until
the number 5 is reached."* Since 5 is the smallest positive prime of the
form $4n + 1$, and since it can be written $5 = 1^2 + 2^2$, the method leads
to a contradiction and consequently each prime of the form $4k + 1$ is a
sum of two squares. Whether or not Fermat actually proved the theorem
we do not know, but Euler is generally credited with developing the first
proof together with the proof of the unicity of the representation. It
was not until 1843, however, that he established a point that he needed
for a rigorous proof. In the meantime by 1801 Gauss had applied
the theory of binary biquadratic forms to show the existence of the
representation.*

* L. E. Dickson, "History of the Theory of Numbers," Vol. 2, p. 228.

But  Fermat's  method  of  infinite  descent  used,  as  he  claimed,  in  the 
proof  of  the  above  theorem  is  of  particular  interest.  He  admitted  that 
it  could  be  applied  with  more  facility  to  prove  the  impossibility  of  certain 
relations,  of  which  Theorem  3-6  is  an  example,  than  to  show  affirmative 
statements.  He  made  use  of  the  method  in  the  one  specimen  of  a 
detailed  proof  that  has  been  left  by  him  when  he  showed  that  if  integers 
a,  b,  c  are  the  sides  of  a  right  triangle,  the  area  cannot  be  a  perfect  square. 

3-6.  The  Euclidean  Algorithm.  An  algorithm  is  a  method  of  obtaining 
a  result  by  repeated  applications  of  an  operation  and  is  such  that  an 
element  determined  by  one  application  of  the  operation  is  used  at  least 
once  in  a  succeeding  application  until  the  desired  result  has  been  found. 

It  is  important  to  have  a  method  for  finding  the  greatest  common 
divisor  of  two  integers  a  and  b.  If  one  integer  is  zero,  the  greatest  com- 
mon divisor  is  evidently  the  positive  associate  of  the  other  integer,  and  if 
either  or  both  integers  are  negative,  the  greatest  common  divisor  is  the 
same  as  it  is  for  the  positive  associates.  Taking  both  a  and  b  positive, 
therefore,  with  a  >  b,  we  shall  set  up  the  Euclidean  algorithm  for  finding 
the  greatest  common  divisor  of  a  and  b. 

Applying the theorem of Euclid, we have

$$\begin{aligned}
a &= m_1 b + r_1 & 0 < r_1 < b \\
b &= m_2 r_1 + r_2 & 0 < r_2 < r_1 \\
r_1 &= m_3 r_2 + r_3 & 0 < r_3 < r_2 \\
&\cdots \\
r_{i-2} &= m_i r_{i-1} + r_i & 0 < r_i < r_{i-1} \\
&\cdots \\
r_{k-2} &= m_k r_{k-1} + r_k & 0 < r_k < r_{k-1} \\
r_{k-1} &= m_{k+1} r_k
\end{aligned}$$

Because $b > r_1 > r_2 > \cdots > r_k > 0$, it is evident that after $k$
applications of the theorem we must arrive at a remainder $r_k$ that is a divisor
of $r_{k-1}$. Then $r_k$ is the greatest common divisor of $a$ and $b$, for first of all
$r_k \mid r_{k-2}$ since it divides $r_{k-1}$. In like manner because $r_k$ divides $r_{k-1}$ and
$r_{k-2}$, it must divide $r_{k-3}$. Using the steps of the algorithm in reverse
order, we observe, therefore, that $r_k$ divides each $r_i$ and finally that it is a
common divisor of $b$ and $a$. But any common divisor of $a$ and $b$ divides
$r_1$, and by the second step it also divides $r_2$. Proceeding in this manner,
we see that any common divisor of $a$ and $b$ divides $r_k$. Therefore, $r_k$ is the
greatest common divisor of $a$ and $b$.

* Ibid., p. 233.

The first step of the algorithm shows that $r_1$ can be expressed linearly
in terms of $a$ and $b$, for

$$r_1 = a - m_1 b$$

Moreover, $r_2 = b - m_2 r_1$, so that $r_2 = b - m_2(a - m_1 b) = (1 + m_1 m_2)b
- m_2 a$. Thus from the equations

$$\begin{aligned}
r_{i-1} &= M_1 a + M_2 b \\
r_i &= N_1 a + N_2 b
\end{aligned}$$

we see that since

$$r_{i+1} = r_{i-1} - m_{i+1} r_i$$

then

$$r_{i+1} = Q_1 a + Q_2 b$$

Hence, as was shown by a different method in Chap. 2, $r_k$, the greatest
common divisor of $a$ and $b$, can be expressed as a linear function of $a$ and
$b$ with integral coefficients.

In the special case where $b \mid a$ so that $r_1 = 0$, it is evident that $b$ is the
greatest common divisor of $a$ and $b$ and that $b = a(0) + b(1)$.

By applying the unique factorization theorem, it is also apparent that
if the integers $a_i$, where $i = 1, 2, \ldots, n$, are factored into powers of
distinct primes so that

$$a_i = \prod_{j=1}^{r} p_j^{n_{ij}}$$

the exponents being positive integers or zero, the greatest common divisor
of the $a_i$ is $\prod_{j=1}^{r} p_j^{s_j}$, where each $s_j$ is the smallest exponent that occurs for
$p_j$ in the factorizations of the $a_i$.

Example.     Find  the  greatest  common  divisor  of  573  and  291. 

573  =  291  +  282,     291  =  282  +  9,     282  =  (31)  (9)  +  3,     9  =  (3)  (3) 

Hence,  the  greatest  common  divisor  is  3. 
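The algorithm and the linear expressions $r_i = Ma + Nb$ derived above can be traced side by side. The Python sketch below is an added example, not part of the original text; the names `euclid_rows` and `gcd_linear` are hypothetical, and it takes $a > b > 0$ as the text does.

```python
def euclid_rows(a, b):
    """Every division of the Euclidean algorithm for a > b > 0.

    Each row is (dividend, quotient, divisor, remainder, M, N), where the
    remainder equals M*a + N*b as in the text's linear expressions.
    """
    if not a > b > 0:
        raise ValueError("expected a > b > 0")
    rows = []
    r_prev, r_cur = a, b
    prev, cur = (1, 0), (0, 1)        # a = 1*a + 0*b and b = 0*a + 1*b
    while r_cur:
        q, r = divmod(r_prev, r_cur)
        # r = r_prev - q*r_cur, so its coefficients follow the same rule
        nxt = (prev[0] - q * cur[0], prev[1] - q * cur[1])
        rows.append((r_prev, q, r_cur, r, nxt[0], nxt[1]))
        r_prev, r_cur, prev, cur = r_cur, r, cur, nxt
    return rows


def gcd_linear(a, b):
    """Return (g, M, N) with g = (a, b) = M*a + N*b, for a > b > 0."""
    rows = euclid_rows(a, b)
    if len(rows) == 1:                # b divides a: the special case b = a(0) + b(1)
        return b, 0, 1
    _, _, _, g, M, N = rows[-2]       # the last nonzero remainder
    return g, M, N


if __name__ == "__main__":
    # The book's example: 573 and 291.
    for dividend, q, divisor, r, M, N in euclid_rows(573, 291):
        print(f"{dividend} = ({q})({divisor}) + {r}    {r} = ({M})(573) + ({N})(291)")
    print(gcd_linear(573, 291))
```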

EXERCISES 

1.  Find  the  greatest  common  divisor  of  5040  and  4704. 

2.  Express  the  greatest  common  divisor  of  168  and  525  as  a  linear  function  of  these 
numbers. 

3.  If  d  =  (a,  b),  then  d  is  the  number  of  integers  in  the  sequence  a,  2a,  3a,  .  .  .  ,  ba 
that  are  divisible  by  b.     Prove  it. 

4.  Show  that  the  sum  of  a  finite  number  of  rational  fractions  in  their  lowest  terms 
cannot  be  an  integer  if  the  denominators  are  prime  each  to  each. 

5. Prove that two integers having the form $2^{2^n} + 1$ are relatively prime. From
this fact develop another proof that there are infinitely many primes. (Integers of
the form $2^{2^n} + 1$ are called Fermat numbers. He believed erroneously that the
formula generated primes for all integral values of $n$.)

6. Prove that the number of divisions required to find the greatest common divisor
of two positive integers written in the scale of 10 by means of the Euclidean algorithm
does not exceed five times the number of digits in the smaller integer.

3-7.  The  Least  Common  Multiple 

Theorem 3-9. If $d$ is the greatest common divisor of the positive
integers $a$ and $b$ so that $a = a_0 d$, $b = b_0 d$, the least common multiple of $a$
and $b$ is $a_0 b_0 d$.

Any common multiple of $a$ and $b$ is a multiple of $a$ and therefore has the
form $ma$. But it is also a multiple of $b = b_0 d$. Thus $b_0 d \mid m a_0 d$, and
because $(a_0, b_0) = 1$, it follows that $b_0 \mid m$. Hence, any common multiple
of $a$ and $b$ has the form $k a_0 b_0 d$.

However, $a_0 b_0 d \mid k a_0 b_0 d$, and in order that an integer be a common
multiple of $a$ and $b$, it is sufficient that it have the factors $a_0$ and $b_0 d$.
Therefore, the positive common multiple of $a$ and $b$ that divides every
common multiple is $a_0 b_0 d$.

Corollary  1.  If  a  and  b  are  relatively  prime,  their  least  common 
multiple  is  the  positive  associate  of  their  product  ab. 

Corollary 2. An integer is the least common multiple of the nonzero
integers $a$ and $b$ if and only if it is the smallest positive integer that is a
common multiple of them.

Theorem 3-10. If the least common multiple of $a_1$ and $a_2$ is $L_{12}$, then
the least common multiple of $a_1$, $a_2$, and $a_3$ is the least common multiple
of $L_{12}$ and $a_3$.

Let $L$ be the least common multiple of $L_{12}$ and $a_3$. Then $L$ is a common
multiple of $a_1$, $a_2$, and $a_3$. But any common multiple of $a_1$ and $a_2$ is a
multiple of their least common multiple $L_{12}$. For the same reason, if
besides being a multiple of $L_{12}$ an integer is a multiple of $a_3$, it is a multiple
of $L$. Thus any common multiple of $a_1$, $a_2$, and $a_3$ is a multiple of $L$.
Therefore, $L$ is the least common multiple of $a_1$, $a_2$, and $a_3$, for it is a
common multiple of them, and it divides all their common multiples.

In  like  manner  we  can  extend  the  theorem  to  show  that: 

Theorem 3-11. The least common multiple of the set of integers
$a_1, a_2, \ldots, a_{n-1}, a_n$ is the least common multiple of $a_n$ and the integer
that is the least common multiple of the set $a_1, a_2, \ldots, a_{n-1}$.

Corollary. Any common multiple of the nonzero integers $a_1, a_2, \ldots,
a_n$ is a multiple of the smallest positive integer of which each $a_i$ is a factor.

It is obvious that when $a_i = \prod_{j=1}^{r} p_j^{n_{ij}}$, where $i = 1, 2, \ldots, n$, the
least common multiple of the $a_i$ is $\prod_{j=1}^{r} p_j^{G_j}$, where $G_j$ is the exponent of the
highest power of $p_j$ occurring in the factorizations of the $a_i$.

EXERCISES

1.  If  d  =  (a,  b),  where  a  and  b  are  positive,  show  that  ab  is  equal  to  the  product  of 
d  and  the  least  common  multiple  of  a  and  b. 

2. Show that if $2^k$ is the highest power of 2 that is a factor of an integer of the set 1,
2, 3, $\ldots$, $n$, then that integer of the set that is a multiple of $2^k$ is $2^k$ itself and is the
only integer in the set that is divisible by $2^k$.

3. Prove that $\frac{1}{2} + \frac{1}{3} + \cdots + \frac{1}{n}$ is not an integer.

4. A necessary and sufficient condition that a positive common multiple $M$ of the
nonzero integers $a_i$, where $i = 1, 2, \ldots, n$, be their least common multiple is that
the quotients $M/a_i$ be relatively prime. Prove it.

5. Show that the product of $n$ positive integers is equal to the product of their least
common multiple and the greatest common divisor of all possible products that can be
formed by taking the integers $n - 1$ at a time.

6. If $m_i$, where $i = 1, 2, \ldots, r$, is a set of integers having $(m_i, m_j) = d_{ij}$, where
$j = 1, 2, \ldots, r$, and if $A_i$ is the least common multiple of $m_1, m_2, \ldots, m_{i-1},
m_{i+1}, \ldots,$ and $m_r$, then the greatest common divisor of $m_i$ and $A_i$ is the least
common multiple of $d_{i1}, d_{i2}, \ldots, d_{i,i-1}, d_{i,i+1}, \ldots, d_{ir}$.

3-8. The Divisors of an Integer. When we refer to the number of divisors of an integer m, we mean the number of positive divisors of that integer and we designate it by $\tau(m)$. Thus $\tau(6) = \tau(-6) = 4$. We also use the symbol $\sigma(m)$ to represent the sum of the positive divisors of m.

It is evident that the number of divisors of a prime p is 2 and the sum of the divisors is just $p + 1$ if $p > 0$.

Moreover, the divisors of $p^{\alpha}$ are $1, p, p^2, \ldots, p^{\alpha}$, and so their number is $\alpha + 1$, and their sum is $1 + p + p^2 + \cdots + p^{\alpha}$.

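Theorem 3-12. If $0 < m = p_1^{\alpha_1} p_2^{\alpha_2} \cdots p_r^{\alpha_r}$, the number of divisors of m is $(\alpha_1 + 1)(\alpha_2 + 1) \cdots (\alpha_r + 1)$ and the sum of the divisors of m is

$$\frac{p_1^{\alpha_1+1} - 1}{p_1 - 1} \cdot \frac{p_2^{\alpha_2+1} - 1}{p_2 - 1} \cdots \frac{p_r^{\alpha_r+1} - 1}{p_r - 1}$$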

If $m = \prod_{i=1}^{r} p_i^{\alpha_i}$, it is evident that each divisor of m which is also a divisor of $p_1^{\alpha_1}$ is a term in the expression

$$1 + p_1 + p_1^2 + \cdots + p_1^{\alpha_1} \qquad (1)$$

Moreover, only these terms are divisors of both m and $p_1^{\alpha_1}$. In like manner the terms of

$$1 + p_2 + p_2^2 + \cdots + p_2^{\alpha_2} \qquad (2)$$

give all and only the divisors common to m and $p_2^{\alpha_2}$. If we multiply these two sums together, each of the terms of the result is a divisor of $p_1^{\alpha_1} p_2^{\alpha_2}$ and furthermore these terms give all the common divisors of $p_1^{\alpha_1} p_2^{\alpha_2}$ and m. This product of (1) and (2) is

$$1 + p_1 + p_1^2 + \cdots + p_1^{\alpha_1} + p_2 + p_1 p_2 + p_1^2 p_2 + \cdots + p_1^{\alpha_1} p_2 + \cdots + p_1^{\alpha_1} p_2^{\alpha_2}$$

and it has $(\alpha_1 + 1)(\alpha_2 + 1)$ terms.

Continuing the reasoning in this manner, we see that the terms of the expansion of the product

$$(1 + p_1 + \cdots + p_1^{\alpha_1})(1 + p_2 + \cdots + p_2^{\alpha_2}) \cdots (1 + p_r + \cdots + p_r^{\alpha_r}) \qquad (3)$$

give all and only divisors of m. There are

$$\tau(m) = (\alpha_1 + 1)(\alpha_2 + 1) \cdots (\alpha_r + 1) = \prod_{i=1}^{r} (\alpha_i + 1)$$

terms in this result, and therefore that is the number of divisors of m.

The sum of the divisors of m is the sum of the terms in the same product (3) and is, therefore,

$$\sigma(m) = \prod_{i=1}^{r} (1 + p_i + \cdots + p_i^{\alpha_i}) = \prod_{i=1}^{r} \frac{p_i^{\alpha_i+1} - 1}{p_i - 1}$$

EXERCISES 

1. Prove that the sum of the nth powers of the divisors of $m = \prod_{i=1}^{r} p_i^{\alpha_i}$ is

$$\prod_{i=1}^{r} \frac{p_i^{n(\alpha_i+1)} - 1}{p_i^{n} - 1}$$

2.  Find  the  smallest  positive  integer  with  6  divisors. 

Since $6 = 6 \cdot 1 = 2 \cdot 3 = (\alpha_1 + 1)(\alpha_2 + 1)$, the exponents of the prime factors of the required number are either the pair 5, 0 or the pair 1, 2. Evidently $2^2 \cdot 3 = 12$ is smaller than $2^5$.

3.  Find  some  integers  having  10  divisors. 

4.  Find  the  smallest  positive  integer  with  15  divisors. 

5. Prove that if $n = n_1 n_2$, with $n_1 > n_2 > 1$, so that both $2^{n-1}$ and $2^{n_1-1} 3^{n_2-1}$ have n divisors, then $2^{n-1} > 2^{n_1-1} 3^{n_2-1}$.

6. Prove that if $n = n_1 n_2 n_3$, with $1 < n_1 < n_2 < n_3$, then $2^{n_3-1} 3^{n_2-1} 5^{n_1-1}$ is less than $2^{n_2 n_3 - 1} 3^{n_1-1}$ and both have n divisors. Consider the cases in which $n_2 = n_3$, in which $n_1 = n_2$, and in which $n_1 = n_2 = n_3$.

7.  Find  by  trial  positive  integers  n  such  that  the  sum  of  the  divisors  of  n  is  a 
perfect  square. 

8.  Find  all  primes  that  are  one  less  than  a  perfect  square.  Is  there  a  prime  that 
is  one  less  than  a  perfect  cube?  Can  you  find  a  prime  that  is  one  less  than  n4?  Prove 
a  general  statement  to  cover  these  results. 

9.  Find  by  trial  positive  integers  n  such  that  the  sum  of  the  divisors  of  n  is  a 
multiple  of  n. 

10.  Prove  that  a  positive  integer  is  the  sum  of  consecutive  positive  integers  if  and 
only  if  it  is  not  a  power  of  2. 

11. Prove that the number of divisors of a positive integer is odd or even according as the integer is or is not a square.

12. Prove that the product of the divisors of a positive integer n is $n^{s/2}$, where s is the number of divisors of n.

13. Prove that if r is the number of distinct prime factors of $n > 0$, the number of ways in which n can be factored into two relatively prime factors is $2^{r-1}$.

3-9. Perfect Numbers. Examine the divisors of 6, and you will notice the interesting fact that their sum is 12. Observe also that the sum of the divisors of 28 is 56. A positive integer is said to be perfect if the sum of its divisors is double itself. Besides 6 and 28, the integers 496, 8128, 130,816, 2,096,128, and 33,550,336 are perfect. Notice that all these perfect numbers are even. Although no odd perfect number has ever been found, mathematicians have not been able to prove that none exists. It has been shown, however, that if one does exist, it is greater than 10 billion.* On the other hand, we can prove:

Theorem 3-13. An even integer is perfect if and only if it has the form $2^{p-1}(2^p - 1)$, where $2^p - 1$ is a prime.

If an integer is of the given form, which is due to Euclid, the sum of its divisors is

$$(1 + 2 + \cdots + 2^{p-1})(1 + 2^p - 1) = 2^p(2^p - 1)$$

and hence the integer is perfect.

The converse was first proved by Euler, but we shall present a method due essentially to L. E. Dickson. Assume that m is of the form $2^k q$, where q is odd. If, further, m is perfect, by letting s represent the sum of all the divisors of q except q itself, we have

$$2^{k+1} q = (2^{k+1} - 1)(q + s)$$

But $2^{k+1} - 1$ is odd, and hence $2^{k+1}$ divides $q + s$, so that

$$q + s = 2^{k+1} n$$

Upon substituting this value in the first equation, we obtain

$$q = (2^{k+1} - 1) n$$

Consequently, n is a divisor of q. But by subtracting q from $q + s$ we find that $s = n$. Now let us suppose that $s = n = q$. Then the equation $q = (2^{k+1} - 1)q$ gives $1 = 2^{k+1} - 1$, and $k = 0$. In this case the original integer $2^k q$ would not be even. But if we suppose that n is a divisor of q that is not q and not 1, then $n = s$ is at least the sum of the divisors n and 1. However, it is impossible that $n \ge n + 1$. Accordingly, $n = 1$, and the only divisors of q are q and 1. Thus q is a prime. Since $q = 2^{k+1} - 1$, the exponent $k + 1$ is a prime. Therefore, every even perfect number has the form $2^{p-1}(2^p - 1)$, in which both $2^p - 1$ and p are primes.

* A. Brauer, Bull. Am. Math. Soc., Vol. 49, No. 10, pp. 712-718, 1943. H. A. Bernhard, Am. Math. Monthly, Vol. 56, No. 9, pp. 628-629, 1949.

Integers of the form $2^p - 1$ with p a prime less than or equal to 257 are called Mersenne numbers* after the mathematician Marin Mersenne, who lived from 1588 to 1648. Mersenne was interested in discovering which of these numbers $2^p - 1$ are primes and made certain decisions about their primality even though he lacked the modern facilities for testing numbers of this magnitude. It has taken many years to decide that exactly 12† of the Mersenne numbers are primes. In 1944, six Mersenne numbers corresponding to the primes p = 157, 167, 193, 199, 227, and 229 remained to be tested. The tremendous task of investigating the character of these 6 numbers was carried out by H. S. Uhler. He completed the work in 1947, finding no prime among them. We now know that only the primes p = 2, 3, 5, 7, 13, 17, 19, 31, 61, 89, 107, and 127 determine Mersenne primes of the form $2^p - 1$ and hence that only these 12 Mersenne numbers yield perfect numbers. The largest of these perfect numbers has 77 digits‡ when written in the scale of 10.

The author is indebted to D. H. Lehmer for the information that during the year 1952 it was demonstrated by the electronic calculator SWAC that $2^p - 1$ is prime for p = 521, 607, 1279, 2203, and 2281. Consequently, five more integers are now known to be perfect. It is particularly interesting to notice the large gaps between some of these primes.

Doubtless  you  have  noticed  that  each  of  the  first  seven  perfect  numbers 
given  above  ends  in  6  or  28.  It  has  been  proved  that  all  perfect  numbers 
of  Euclid's  type  end  in  this  way. 

A multiply perfect number is an integer n the sum of whose positive divisors is a multiple of n. The first integer n the sum of whose divisors is 3n is 120. Fermat found the second one, which is 672. The third is 523,776. The first integer the sum of whose divisors is four times itself is 30,240. Recently some new multiply perfect numbers have been discovered.§

Two  integers  are  said  to  be  amicable  if  their  sum  is  the  sum  of  the 
divisors  of  each  one.  The  smallest  pair  of  amicable  numbers  is  220  and 
284.     Another  pair,  17,296  and  18,416,  was  found  by  Fermat. 
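The following Python sketch is an added example, not part of the original text. It evaluates $\tau(m)$ and $\sigma(m)$ from the prime factorization as in Theorem 3-12, checks them against direct enumeration of divisors, and applies the Euclid form of Theorem 3-13 and the definitions of multiply perfect and amicable numbers from Section 3-9; all function names are illustrative.

```python
"""Divisor functions from the prime factorization (Theorem 3-12)."""


def factorize(m):
    """Trial division; returns {prime: exponent} for |m| >= 1."""
    m = abs(m)
    if m == 0:
        raise ValueError("0 has no prime factorization")
    factors = {}
    p = 2
    while p * p <= m:
        while m % p == 0:
            factors[p] = factors.get(p, 0) + 1
            m //= p
        p += 1 if p == 2 else 2
    if m > 1:                      # whatever is left is a single prime
        factors[m] = factors.get(m, 0) + 1
    return factors


def tau(m):
    """Number of positive divisors: product of (alpha_i + 1)."""
    count = 1
    for alpha in factorize(m).values():
        count *= alpha + 1
    return count


def sigma(m):
    """Sum of positive divisors: product of (p^(alpha+1) - 1) / (p - 1)."""
    total = 1
    for p, alpha in factorize(m).items():
        total *= (p ** (alpha + 1) - 1) // (p - 1)
    return total


def divisors_by_enumeration(m):
    """Independent check: every d in 1..|m| that divides m."""
    m = abs(m)
    return [d for d in range(1, m + 1) if m % d == 0]


def is_prime(q):
    return q > 1 and factorize(q) == {q: 1}


def euclid_exponent(m):
    """Return p if m = 2^(p-1) * (2^p - 1) with 2^p - 1 prime, else None."""
    if m <= 0 or m % 2:
        return None
    k = (m & -m).bit_length() - 1   # exponent of 2 in m, so m = 2^k * q
    q = m >> k                      # odd part q
    if q == 2 ** (k + 1) - 1 and is_prime(q):
        return k + 1
    return None


def perfection_multiple(n):
    """k when sigma(n) = k*n (k = 2: perfect, k >= 3: multiply perfect)."""
    s = sigma(n)
    return s // n if s % n == 0 else None


def amicable(a, b):
    """Section 3-9 definition: a + b is the sum of the divisors of each."""
    return a != b and sigma(a) == sigma(b) == a + b


if __name__ == "__main__":
    print("tau(6), tau(-6):", tau(6), tau(-6))
    print("sigma(6), sigma(28):", sigma(6), sigma(28))
    even_perfect = [m for m in range(2, 10001, 2) if sigma(m) == 2 * m]
    print("even perfect numbers up to 10000:", even_perfect)
    print("their Euclid exponents p:", [euclid_exponent(m) for m in even_perfect])
    for n in (120, 672, 523776, 30240):
        print(n, "has sigma(n) =", perfection_multiple(n), "* n")
    print("220, 284 amicable:", amicable(220, 284))
    print("17296, 18416 amicable:", amicable(17296, 18416))
```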

3-10. Scales of Notation. Have you thought of 5347 in the form of the polynomial $5x^3 + 3x^2 + 4x + 7$, where $x = 10$?

Theorem 3-14. Any positive integer m can be written uniquely in the form $m = a_0 r^n + a_1 r^{n-1} + \cdots + a_n$, where $r > 1$ and the coefficients are such that $0 < a_0 < r$ and $0 \le a_i < r$ for $i = 1, 2, \ldots, n$.

* R. C. Archibald, Scripta Mathematica, Vol. 3, No. 2, pp. 112-119, 1937.

† D. H. Lehmer, Bull. Am. Math. Soc., Vol. 53, No. 2, pp. 164-169, 1947. H. S. Uhler, Bull. Am. Math. Soc., Vol. 53, No. 2, pp. 163-164, 1947; ibid., Vol. 54, No. 4, pp. 378-380, 1948; Scripta Mathematica, Vol. 18, No. 2, pp. 122-131, 1952; Proc. Natl. Acad. Sci. U.S., Vol. 34, No. 3, pp. 102-103, 1948.

‡ H. Gupta, Am. Math. Monthly, Vol. 42, No. 3, pp. 163-164, 1935.

§ B. Franqui and M. Garcia, Am. Math. Monthly, Vol. 60, No. 7, pp. 459-462, 1953.

When m is written in the form $a_0 r^n + a_1 r^{n-1} + \cdots + a_n$ with the conditions designated in the theorem, m is said to be expressed in the scale of r and r is called the base, or radix.

For a given m and $r > 1$, we know that

$$m = q_1 r + a_n$$
$$q_1 = q_2 r + a_{n-1}$$
$$\cdots$$
$$q_i = q_{i+1} r + a_{n-i}$$
$$\cdots$$
$$q_{n-1} = q_n r + a_1$$
$$q_n = a_0$$

where $0 \le a_i < r$, for $i = 1, 2, \ldots, n$. Furthermore, we must finally arrive at $q_n$, which is positive and less than r, because $m > q_1 > q_2 > \cdots > 0$. Then

$$q_{n-1} = a_0 r + a_1$$
$$q_{n-2} = a_0 r^2 + a_1 r + a_2$$
$$\cdots$$
$$m = a_0 r^n + a_1 r^{n-1} + \cdots + a_n$$

This representation is unique, for if $n \ge s$ and

$$a_0 r^n + a_1 r^{n-1} + \cdots + a_n = b_0 r^s + b_1 r^{s-1} + \cdots + b_s$$

with $0 \le b_j < r$ and $j = 0, 1, \ldots, s$, then

$$r(a_0 r^{n-1} + \cdots + a_{n-1} - b_0 r^{s-1} - \cdots - b_{s-1}) = b_s - a_n$$

Therefore, r divides $b_s - a_n$, and $b_s = a_n$. Continuing in this manner, we find that each $b_{s-j} = a_{n-j}$, until, if $n = s$, we have $b_0 = a_0$, but if $n > s$, $b_0 = a_{n-s}$, and then

$$a_0 r^{n-s-1} + \cdots + a_{n-s-1} = 0$$

Since $r > 0$, the remaining coefficients must all be 0 and the representation is unique.

It is on the basis of this theorem that we know we can write an integer in just one way in the Hindu-Arabic system, which uses the scale of 10 and the digits 0, 1, 2, 3, 4, 5, 6, 7, 8, and 9. The integer 363 in the ordinary scale becomes 2423 in the scale of 5, while it is 101,101,011 in the scale of 2.

Corollary.  Any  positive  integer  n  can  be  expressed  in  one  and  only 
one  way  as  a  sum  of  distinct  powers  of  2. 

We can apply this corollary to show that for weighing approximately any load not exceeding 127 lb but seven weights of 1, 2, 4, 8, 16, 32, and 64 lb each are needed for the scales, for 127 is written 1,111,111 in the scale of 2.

It is interesting to notice that the Egyptians recognized that an integer can be expressed as a sum of powers of 2 and that they made use of this fact in doing multiplication. Suppose, for instance, that 237 was to be multiplied by 45. They would first determine that 45 = 32 + 8 + 4 + 1 and then compute the corresponding multiples of 237 by the process of doubling. Accordingly, the calculations would be:

     1     237
     2     474
     4     948
     8    1896
    16    3792
    32    7584

Then all that was necessary was to find the sum, 237 + 948 + 1896 + 7584 = 10,665.

They carried out division in a similar manner. If 539 was to be divided by 41, they used the process of doubling on the divisor until they could find suitable multiples of it which, when added, would give a result smaller than 539 but less than 41 units from it. Their work might be indicated as follows:

     1      41
     2      82
     4     164
     8     328

But 328 + 164 + 41 = 533, and so 539 = 8(41) + 4(41) + 1(41) + 6, or 539 = 13(41) + 6.
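The following Python sketch is an added example, not part of the original text. It carries out the repeated division in the proof of Theorem 3-14 to obtain the digits in the scale of r, and reproduces the Egyptian multiplication and division by doubling described above, using addition only to build the table; the function names are illustrative.

```python
"""Scale-of-r digits (Theorem 3-14) and Egyptian arithmetic by doubling."""


def to_scale(m, r):
    """Digits a_0, ..., a_n of m in the scale of r, most significant first."""
    if m <= 0 or r <= 1:
        raise ValueError("need m > 0 and r > 1")
    digits = []
    q = m
    while q > 0:
        q, a = divmod(q, r)      # q_i = q_(i+1) * r + a_(n-i), 0 <= a < r
        digits.append(a)
    return digits[::-1]


def from_scale(digits, r):
    """Evaluate a_0 r^n + a_1 r^(n-1) + ... + a_n (Horner's rule)."""
    m = 0
    for a in digits:
        if not 0 <= a < r:
            raise ValueError("digit out of range for this scale")
        m = m * r + a
    return m


def egyptian_multiply(x, y):
    """Multiply x by y >= 1 using only doubling and addition.

    Returns (product, rows, chosen): rows is the full doubling table of
    (power of 2, multiple of x); chosen holds the rows whose powers sum to y.
    """
    rows = []
    power, multiple = 1, x
    while power <= y:
        rows.append((power, multiple))
        power, multiple = power + power, multiple + multiple
    chosen, remaining = [], y
    for power, multiple in reversed(rows):   # largest power first
        if power <= remaining:
            remaining -= power
            chosen.append((power, multiple))
    chosen.reverse()
    return sum(mult for _, mult in chosen), rows, chosen


def egyptian_divide(n, d):
    """Divide n >= 0 by d >= 1 by doubling the divisor.

    Returns (quotient, remainder, chosen) with n = quotient * d + remainder
    and 0 <= remainder < d.
    """
    rows = []
    power, multiple = 1, d
    while multiple <= n:
        rows.append((power, multiple))
        power, multiple = power + power, multiple + multiple
    quotient, remainder, chosen = 0, n, []
    for power, multiple in reversed(rows):
        if multiple <= remainder:
            remainder -= multiple
            quotient += power
            chosen.append((power, multiple))
    chosen.reverse()
    return quotient, remainder, chosen


if __name__ == "__main__":
    print("363 in the scale of 5:", to_scale(363, 5))
    print("363 in the scale of 2:", to_scale(363, 2))
    product, rows, chosen = egyptian_multiply(237, 45)
    print("doubling table:", rows)
    print("rows added:", chosen, "product:", product)
    print("539 / 41:", egyptian_divide(539, 41))
```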

The  digital  idea  is  the  basis  for  many  of  our  computing  machines. 
Indeed  even  the  abacus,  which  was  probably  the  earliest  mathematical 
machine,  makes  use  of  it.  Each  rod  of  the  abacus  corresponds  to  the 
place  a  digit  occupies  when  the  number  is  written  in  the  scale  of  10,  and 
the  beads  on  the  rods  correspond  to  the  digits.  Corresponding  to  the 
digital  places,  some  of  the  calculating  machines  use  the  contrivance  of  a 
series  of  gearwheels  that  rotate  when  certain  levers  are  pressed.  Each 
such  cogwheel  has  10  teeth  to  correspond  to  the  10  digits,  and  upon  a 
complete  rotation  of  a  given  wheel  there  is  a  mechanism  that  turns  the 
wheel  corresponding  to  the  next  higher  digital  place  through  one-tenth 
of  a  rotation. 

In setting up some of the modern electrical calculating machines it has been found practical to use the binary rather than the denary system of notation. In spite of the increased number of digital positions necessary for representing any number greater than one in the scale of 2 as compared with the scale of 10, fewer electronic tubes are required by machines constructed on the basis of this system, for but two digits, 0 and 1, are needed in each position. The mechanism is, therefore, decidedly simpler. The calculator at the Institute for Advanced Study in Princeton is of this type.*

EXERCISES 

1. Prove that any positive integer can be expressed uniquely as a sum of distinct powers of 3 with coefficient -1, 0, or +1. From this representation show that a set of five weights is sufficient to weigh any load of at most 121 lb if a balance scale having two pans is used.

2. Set up multiplication tables for the scale of 5. Then write 42 and 352 in the scale of 5, and find their product when they are so written. Check the answer by converting the result to the ordinary scale of 10.

3. If 42 and 352 are in the scale of 6, find their sum and product in that scale.

4. Explain the ordinary process of multiplication by writing 382 and 73 as polynomials in 10 and finding the product of the polynomials.

5. In what scale is 374 written if it is the square of an integer?

6. Prove that the fraction a/b with (a, b) = 1 and a < b can be expressed uniquely in decimal form. Show that the decimal either terminates or repeats in cycles of not more than $b - 1$ digits. For what values of b will the decimal terminate?

7. If (a, b) = 1 with a < b and if in calculating the value of a/b in decimal form a remainder $b - a$ occurs, show that half of the repeating cycle of digits has been found and that the remainder of the cycle can be determined by finding in order the differences between 9 and the digits already established.

3-11. The Highest Power of a Prime That Is a Factor of n!. If a is a positive integer, $[n/a]$ is the largest integer $\alpha$ such that $a\alpha \le n$. This definition is equivalent to saying that $[n/a] = \alpha$, where $n = a\alpha + r$ with $0 \le r < a$. Thus U? = 2, and ^~? = -3.

Theorem 3-15. For any a and b greater than 0,

$$\left[\frac{[n/a]}{b}\right] = \left[\frac{n}{ab}\right]$$

Let $[n/a] = \alpha$ and $[\alpha/b] = \beta$, so that

$$n = a\alpha + r_1 \qquad 0 \le r_1 < a$$
$$\alpha = \beta b + r_2 \qquad 0 \le r_2 < b$$

Therefore,

$$n = ab\beta + ar_2 + r_1$$

* Mathematical Machines, Sci. American, April, 1949, pp. 29-39.

and

$$\left[\frac{n}{ab}\right] = \beta + \left[\frac{ar_2 + r_1}{ab}\right]$$

However, $r_2$ is at most $b - 1$, and $r_1$ is at most $a - 1$, and thus $ar_2 + r_1$ is at most $a(b - 1) + a - 1 = ab - 1$. Therefore,


Corollary  1.     If  p  is  a  positive  prime, 


p< 


lps+,\ 


Corollary  2.     If  n  >  a  >  0  and  6  >  1,  then 


Corollary  3.     If  ra,  n,  and  a  are  positive, 

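Corollary 4. If $n = n_1 + n_2 + \cdots + n_t$, where the $n_i$ for $i = 1, 2, \ldots, t$, are positive, then

$$\left[\frac{n}{a}\right] \ge \left[\frac{n_1}{a}\right] + \left[\frac{n_2}{a}\right] + \cdots + \left[\frac{n_t}{a}\right]$$

Letting $[n_i/a] = \alpha_i$, we have $n_i = \alpha_i a + r_i$ with $0 \le r_i < a$. Therefore,

$$n = (\alpha_1 + \alpha_2 + \cdots + \alpha_t)a + r_1 + r_2 + \cdots + r_t$$

and

$$\left[\frac{n}{a}\right] = \alpha_1 + \alpha_2 + \cdots + \alpha_t + \left[\frac{r_1 + \cdots + r_t}{a}\right]$$

Hence,

$$\left[\frac{n}{a}\right] \ge \left[\frac{n_1}{a}\right] + \left[\frac{n_2}{a}\right] + \cdots + \left[\frac{n_t}{a}\right]$$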

If p is a positive prime, let $E_p(m)$ be the exponent of the highest power of the prime p that is a divisor of m. Using this symbol, we shall prove the following theorem due to Legendre (1752-1833). It will help you to appreciate how $E_p(n!)$ increases as n increases.

Theorem 3-16. If both n and the prime p are positive, the exponent of the highest power of p that divides n! is

$$E_p(n!) = \left[\frac{n}{p}\right] + \left[\frac{n}{p^2}\right] + \cdots + \left[\frac{n}{p^s}\right], \qquad \left[\frac{n}{p^{s+1}}\right] = 0$$

Consider the set of integers

$$1, 2, \ldots, p, \ldots, 2p, \ldots, p^2, \ldots, n \qquad (4)$$

The last integer of the set that is divisible by p is $[n/p]\,p$, and the coefficient of p shows that there are $[n/p]$ multiples of p in this set. All other integers of the set are prime to p. Hence,

$$E_p(n!) = E_p\left(p \cdot 2p \cdots \left[\frac{n}{p}\right] p\right)$$

Now take out one factor p from each of these multiples of p that are in the set (4), thereby obtaining the factor $p^{[n/p]}$. Therefore,

$$E_p(n!) = \left[\frac{n}{p}\right] + E_p\left(1 \cdot 2 \cdots \left[\frac{n}{p}\right]\right)$$

But the last integer of the new set $1, 2, \ldots, [n/p]$ that is a multiple of p is $\left[\frac{[n/p]}{p}\right] p = \left[\frac{n}{p^2}\right] p$. We can, as before, remove the factor $p^{[n/p^2]}$ from the product of the integers of the new set, showing that

$$E_p(n!) = \left[\frac{n}{p}\right] + \left[\frac{n}{p^2}\right] + E_p\left(1 \cdot 2 \cdots \left[\frac{n}{p^2}\right]\right)$$

Likewise, we remove the factors $p^{[n/p^3]}$, $p^{[n/p^4]}$, . . . until we find that $p^s \le n < p^{s+1}$, so that $[n/p^s] \ne 0$, while $[n/p^{s+1}] = 0$. Therefore,


Corollary. If $n = ab$, $E_p((ab)!) \ge a E_p(b!)$.

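Theorem 3-17. If $n > 0$ is written in the scale of the prime p so that $n = a_0 p^s + \cdots + a_s$, then

$$E_p(n!) = \frac{n - \sum_{i=0}^{s} a_i}{p - 1}$$

Because $n = a_0 p^s + a_1 p^{s-1} + \cdots + a_s$ with $0 < a_0 < p$ and $0 \le a_i < p$ for $i = 1, 2, \ldots, s$,

$$\left[\frac{n}{p}\right] = a_0 p^{s-1} + a_1 p^{s-2} + \cdots + a_{s-2} p + a_{s-1}$$
$$\left[\frac{n}{p^2}\right] = a_0 p^{s-2} + a_1 p^{s-3} + \cdots + a_{s-2}$$
$$\cdots$$
$$\left[\frac{n}{p^s}\right] = a_0$$

Therefore

$$E_p(n!) = a_0(p^{s-1} + \cdots + p + 1) + a_1(p^{s-2} + \cdots + p + 1) + \cdots + a_{s-1}$$

or

$$E_p(n!) = \frac{a_0 p^s + a_1 p^{s-1} + \cdots + a_{s-1} p - a_0 - a_1 - \cdots - a_{s-1}}{p - 1}$$
$$= \frac{a_0 p^s + \cdots + a_{s-1} p + a_s - a_0 - \cdots - a_{s-1} - a_s}{p - 1}$$
$$= \frac{n - (a_0 + a_1 + \cdots + a_s)}{p - 1}$$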

Example. Find the exponent of the highest power of 5 in 138!.

138 = (27)5 + 3; $[138/5] = 27$; 27 = (5)5 + 2; $[27/5] = 5$; 5 = (1)5 + 0; $[5/5] = 1$. Hence $E_5(138!) = 27 + 5 + 1 = 33$.

We may also use the second formula for $E_p(n!)$. Writing 138 in the scale of 5, we have $5^3 + 0(5^2) + 2(5) + 3$. Therefore $E_5(138!) = (138 - 6)/4 = 33$.
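
The following Python sketch is an added example, not part of the original text. It computes $E_p(n!)$ by the sum of Theorem 3-16 and by the digit formula of Theorem 3-17, checks both against the factorial itself, and searches for the least n whose factorial contains exactly a given power of p, which shows that some exponents are skipped; the function names are illustrative.

```python
"""Exponent of a prime p in n!: Theorems 3-16 and 3-17 side by side."""
from math import factorial


def legendre_floor_sum(n, p):
    """Theorem 3-16: [n/p] + [n/p^2] + ... + [n/p^s]."""
    total = 0
    q = n // p
    while q:
        total += q
        q //= p        # Theorem 3-15: [[n/p^k]/p] = [n/p^(k+1)]
    return total


def scale_digit_sum(n, p):
    """a_0 + a_1 + ... + a_s for n written in the scale of p."""
    total = 0
    while n:
        n, a = divmod(n, p)
        total += a
    return total


def legendre_digit_sum(n, p):
    """Theorem 3-17: (n - (a_0 + ... + a_s)) / (p - 1)."""
    return (n - scale_digit_sum(n, p)) // (p - 1)


def exponent_by_division(n, p):
    """Independent check: build n! and divide p out of it."""
    f = factorial(n)
    e = 0
    while f % p == 0:
        f //= p
        e += 1
    return e


def trailing_zeros(n):
    """Zeros ending n! in the scale of 10: the number of factors 10 = 2 * 5."""
    return min(legendre_floor_sum(n, 2), legendre_floor_sum(n, 5))


def least_n_with_exponent(p, e):
    """Least n >= 1 with E_p(n!) = e, or None when that exponent is skipped.

    E_p(n!) changes only when n is a multiple of p, and it can jump by more
    than 1 there (at multiples of p^2, p^3, ...), so some values never occur.
    """
    if e == 0:
        return 1
    n = p
    while legendre_floor_sum(n, p) < e:
        n += p
    return n if legendre_floor_sum(n, p) == e else None


if __name__ == "__main__":
    print("E_5(138!) by floors:", legendre_floor_sum(138, 5))
    print("E_5(138!) by digits:", legendre_digit_sum(138, 5))
    print("E_5(138!) directly :", exponent_by_division(138, 5))
    for n in (401, 404, 405):
        print("E_3(%d!) =" % n, legendre_floor_sum(n, 3))
    print("least n with E_3(n!) = 200:", least_n_with_exponent(3, 200))
    print("zeros ending 95!:", trailing_zeros(95))
```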

Theorem 3-18. The expression $n!/a_1! a_2! \cdots a_t!$, where $\sum_{i=1}^{t} a_i = n$, is an integer.

We shall show that $n!/a_1! a_2! \cdots a_t!$ is an integer by proving that the highest power of any prime contained in the denominator is at least equaled by the highest power of that prime contained in the numerator. We know that

$$E_p(n!) = \left[\frac{n}{p}\right] + \left[\frac{n}{p^2}\right] + \cdots + \left[\frac{n}{p^s}\right], \qquad \left[\frac{n}{p^{s+1}}\right] = 0 \qquad (5)$$

Since $a_1 + a_2 + \cdots + a_t = n$, if $p^{s+1}$ exceeds n, it exceeds each $a_i$, and therefore $[a_i/p^{s+1}] = 0$ for $i = 1, 2, \ldots, t$. Hence,

$$E_p(a_1!) = \left[\frac{a_1}{p}\right] + \left[\frac{a_1}{p^2}\right] + \cdots + \left[\frac{a_1}{p^m}\right] + \cdots + \left[\frac{a_1}{p^s}\right]$$

where, of course, some $[a_1/p^m]$, for $m < s + 1$, may be 0, in which case all the integers that follow it in the sum are also 0. Likewise,

$$E_p(a_t!) = \left[\frac{a_t}{p}\right] + \cdots + \left[\frac{a_t}{p^m}\right] + \cdots + \left[\frac{a_t}{p^s}\right]$$

But by Corollary 4 above,

$$\left[\frac{n}{p^k}\right] \ge \left[\frac{a_1}{p^k}\right] + \left[\frac{a_2}{p^k}\right] + \cdots + \left[\frac{a_t}{p^k}\right]$$

As a result of summing by columns the expressions (6) for the $E_p(a_i!)$, we conclude from Eq. (5) that

$$E_p(n!) \ge E_p(a_1!) + E_p(a_2!) + \cdots + E_p(a_t!)$$

and thus the given expression is an integer.

Corollary 1. The product of any n consecutive positive integers is divisible by n!.

The expression $k(k + 1)(k + 2) \cdots (k + n - 1)/n! = (k + n - 1)!/(k - 1)!\,n!$ and therefore is an integer.

This corollary shows that the coefficients in the expansion of $(a + b)^n$ with n a positive integer are themselves integers, a fact otherwise known from the multiplication itself. As a matter of fact Theorem 3-18 proves that the coefficients in the expansion of $(b_1 + b_2 + \cdots + b_r)^n$, for $n > 0$, obtained by means of the multinomial theorem are integers, for any term of the expansion takes the form

$$\frac{n!}{a_1! a_2! \cdots a_r!}\, b_1^{a_1} b_2^{a_2} \cdots b_r^{a_r}$$

where $a_1 + a_2 + \cdots + a_r = n$.

In  particular  it  is  now  evident  that: 

Corollary 2. If p is a positive prime, all the coefficients of $(b_1 + b_2 + \cdots + b_r)^p$ except the coefficients of the $b_i^p$, where $i = 1, 2, \ldots, r$, are multiples of p.

The expression $p!/a_1! a_2! \cdots a_r!$, with $a_1 + a_2 + \cdots + a_r = p$, is an integer, and furthermore since each $a_i$ either is positive and less than p or is 0, there is no factor p in the denominator. Hence, $(p - 1)!/a_1! a_2! \cdots a_r! = M$ is an integer, and the required coefficient is Mp.

EXERCISES 

1. If $a^p - b^p$, where p is a positive prime, is divisible by p, prove that it is divisible by $p^2$.

2.  Prove  that  if  m,  n,  and  a  are  positive  integers, 

3. If x is a real number and [x] is the largest integer that is less than or equal to x, show that:

a. $[(1 + \sqrt{3})^n]$, for $n > 0$, is odd or even according as n is even or odd.

b. $[(1 + \sqrt{3})^{2n}] + 1$ is divisible by $2^{n+1}$ for $n > 0$.

c. $[(3 + \sqrt{5})^n] + 1$ is divisible by $2^n$.

4. For which values of n is $[4^n - (2 + \sqrt{2})^n]$ divisible by 112?

5. Is there a positive integer n such that $3^{200}$ is the highest power of 3 contained in n!?

Applying Theorem 3-17, let $(n - 1)/2 = 200$, for the sum of the coefficients of the powers of 3 necessary to express n in the scale of 3 is at least 1. Then n is at least 401. But the highest power of 3 contained in 401! is $3^{196}$. However, 402 has the factor 3, so that 402!, 403!, and 404! have the factor $3^{197}$, but 405 has the factor $3^4$, so that 405! has the factor $3^{201}$. Hence, there is no n such that n! has the factor required.

6. Find a positive integer n such that $5^{19}$ is the highest power of 5 contained in n!.

7. Show that 95! ends with 22 zeros. With how many zeros does 100! end?

8. Find the highest power of 12 contained in 500!.

9. Prove that the exponent of the highest power of 3 contained in $(3^r - 2)!$ is $(3^r - 2r - 1)/2$.

10. Find the exponent of the highest power of 5 that is a factor of $(5^r - 1)!$.

11. If $m > 0$ and $\tau(m)$ means the number of positive divisors of m, show that

$$\tau(1) + \tau(2) + \cdots + \tau(m) = \left[\frac{m}{1}\right] + \left[\frac{m}{2}\right] + \cdots + \left[\frac{m}{m}\right]$$

12. If $m > 0$ and $\sigma(m)$ is the sum of the positive divisors of m, prove that

$$\sigma(1) + \sigma(2) + \cdots + \sigma(m) = \left[\frac{m}{1}\right] + 2\left[\frac{m}{2}\right] + 3\left[\frac{m}{3}\right] + \cdots + m\left[\frac{m}{m}\right]$$

13. When $a > 0$ and $b > 0$, prove that if $m = ab$, then m! is divisible by $(a!)^b$.

14. If $m = ab$ with a and b positive integers, prove that m! is divisible by the least common multiple of $(a!)^b$ and $(b!)^a$.

15. Prove that when (m, n) = 1 and m and n are positive integers,

$$\frac{(m + n - 1)!}{m!\,n!}$$

is an integer.

16. Prove that when m and n are positive integers,

$$\frac{(2m)!\,(2n)!}{m!\,n!\,(m + n)!}$$

is an integer.

17. If $n = a_1 + a_2 + \cdots + a_r$ with all $a_i > 0$ and $(a_1, a_2, \ldots, a_r) = d$, then

$$\frac{d(n - 1)!}{a_1! a_2! \cdots a_r!}$$

is an integer.

18.  If  m,  n,  and  a  are  positive  integers,  under  what  conditions  will 


[t>[;]+*R] 


19. Prove that $(x - 1)(x^2 - 1) \cdots (x^r - 1)$ is a factor of $(x^n - 1)(x^{n+1} - 1) \cdots (x^{n+r-1} - 1)$ when n is a positive integer.

3-12. Some Theorems on Primes. We have already found some polynomials like $4x - 1$ that represent an infinite number of primes for integral values of x, but we have noticed that not all the values of these polynomials obtained when integers are substituted for the variable are primes. For instance, $4x - 1$ gives 15 when $x = 4$. The polynomial $x^2 - x + 41$ is extraordinary, for it produces primes for x = 0, ±1, ±2, ±3, . . . , ±39, and 40. Mathematicians have not yet produced an integral polynomial of the second degree in one variable that can be shown to represent an infinite number of primes, nor have they proved that such a polynomial does not exist. On the other hand, certain quadratic forms represent an infinitude of primes.

If  f(x)  is  a  function  of  x  whose  value  is  a  prime  whenever  x  is  a  positive 
integer,  then  f(x)  is  a  prime-representing  function. 

Mathematicians have recently developed prime-representing functions* that require the symbol [x], denoting the largest integer less than or equal to x, but it is interesting to observe that no algebraic expression that represents an infinite number of distinct primes, and only primes, has been discovered. Euler (1707-1783) showed that Fermat (1601-1665) was in error in thinking that all integers of the form $2^{2^n} + 1$ are primes by showing that $2^{32} + 1$ = 4,294,967,297 has the factor 641. It has been proved, however, that no rational function of x except a constant can be a prime-representing function.† We shall prove the corresponding well-known theorem about a polynomial.

Theorem 3-19. An integral polynomial of at least the first degree cannot represent primes alone.

Suppose that, for $x = x'$, where $x' > 0$, $f(x) = a_0 x^n + \cdots + a_n$ represents the prime p. Substituting $x = x' + mp$ in $f(x)$, we obtain

$$f(x' + mp) = a_0(x' + mp)^n + a_1(x' + mp)^{n-1} + \cdots + a_n$$

where the coefficients in the expansions are integers and in each expansion every term except the first is a multiple of p. Therefore,

$$f(x' + mp) = a_0 x'^n + a_1 x'^{n-1} + \cdots + a_n + Kp$$

or

$$f(x' + mp) = p + Kp$$

Hence, $p \mid f(x' + mp)$, and $f(x' + mp)$ is not a prime unless $f(x' + mp)$ is p or $-p$. Suppose that, for $m = 0, 1, 2, \ldots, n - 1$, $f(x' + mp) = p$. Then no other value of m can yield p, or the equation $f(x) = p$ of degree n would have more than n roots. In like manner, but n values of m can yield $-p$. Consequently, there is a value of m for which $x' + mp > 0$ and $f(x' + mp) \ne \pm p$.

* W. H. Mills, Bull. Am. Math. Soc., Vol. 53, No. 6, p. 604, 1947. E. M. Wright, Am. Math. Monthly, Vol. 58, No. 9, pp. 616-618, 1951.

† R. C. Buck, Am. Math. Monthly, Vol. 53, No. 5, p. 265, 1946.

Moreover, if the integral polynomial $f(x_1, x_2, \ldots, x_n)$ represented primes alone, then for $x_2 = a_2, \ldots, x_n = a_n$ the integral polynomial $f(x_1, a_2, \ldots, a_n)$ having but one variable would represent primes for all positive values of $x_1$. The given polynomial is thus not a prime-representing function.

In the proof given above it has been necessary to refer to the theorem on the number of roots of a rational integral algebraic equation which depends upon analysis for its validity. A property of the whole set of complex numbers is accordingly made use of in order to show a characteristic of the rational integers. Such cases, in which we use a domain that includes as part of itself the one with which we are particularly concerned, are not rare in mathematics. Can you name some of them?

EXERCISE 

Prove that for integral values of $x$ an integral polynomial
$a_0 x^n + a_1 x^{n-1} + \cdots + a_n$ of degree $n > 0$ has an infinite number of
distinct prime factors. (Assuming the number is finite, substitute multiples
of $a_n \prod_{i=1}^{k} p_i$ for $x$.)

*Theorem 3-20 (Legendre). The number of positive primes not exceeding
the positive integer $n$ is

$$\pi(n) = n + r - 1 - \sum_{i=1}^{r} \left[\frac{n}{p_i}\right] + \sum_{i<j} \left[\frac{n}{p_i p_j}\right] - \cdots + (-1)^r \left[\frac{n}{p_1 p_2 \cdots p_r}\right]$$

where $p_1, p_2, \ldots, p_r$ are all the positive primes such that $p_i^2 \le n$,
where $i = 1, 2, \ldots, r$.

Determine $l$ so that $l$ is the largest integer whose square is less than or
equal to $n$. Then find all positive primes $p_1, p_2, \ldots, p_r$ that are less
than or equal to $l$. Since exactly $M_1 = \left[\frac{n}{p_1}\right]$ of the
integers $1, 2, \ldots, n$ are divisible by $p_1$, none of these multiples of
$p_1$, except $p_1$ itself, is a prime. In like manner,
$\left[\frac{n}{p_2}\right]$ integers from 1 through $n$ are divisible by $p_2$.
Of these multiples of $p_2$, however, $\left[\frac{n}{p_1 p_2}\right]$ are
divisible by both $p_1$ and $p_2$, and hence

$$M_2 = \left[\frac{n}{p_1}\right] + \left[\frac{n}{p_2}\right] - \left[\frac{n}{p_1 p_2}\right]$$

is the number of integers from 1 through $n$ that are divisible by either of
the first two primes, $p_1$ and $p_2$.
Assuming then that

$$M_k = \left[\frac{n}{p_1}\right] + \left[\frac{n}{p_2}\right] + \cdots + \left[\frac{n}{p_k}\right] - \left[\frac{n}{p_1 p_2}\right] - \left[\frac{n}{p_1 p_3}\right] - \cdots - \left[\frac{n}{p_{k-1} p_k}\right] + \left[\frac{n}{p_1 p_2 p_3}\right] + \cdots + (-1)^{k-1} \left[\frac{n}{p_1 p_2 \cdots p_k}\right] \tag{7}$$

is the number of integers from 1 through $n$ that are divisible by at least
one of the first $k$ primes $p_1, p_2, \ldots, p_k$, we shall find the number of
integers from 1 through $n$ that are divisible by the next prime $p_{k+1}$ and
that are prime to all the first $k$ primes.

The number of integers from 1 through $n$ that are divisible by $p_{k+1}$ is
$\left[\frac{n}{p_{k+1}}\right]$. Of these integers
$\left[\frac{[n/p_{k+1}]}{p_1}\right]$ are also divisible by $p_1$, for if we
examine the set of multiples of $p_{k+1}$,

$$p_{k+1},\ 2p_{k+1},\ \ldots,\ \left[\frac{n}{p_{k+1}}\right] p_{k+1}$$

the coefficients of $p_{k+1}$, which are $1, 2, \ldots, \left[\frac{n}{p_{k+1}}\right]$,
determine whether or not the integers are divisible by $p_1$. Likewise, if we
wish to determine how many of these integers are divisible by
$p_1, p_2, \ldots,$ or $p_k$, we must operate on $\left[\frac{n}{p_{k+1}}\right]$
just as we operated on $n$ above. Hence,

$$M'_k = \left[\frac{[n/p_{k+1}]}{p_1}\right] + \cdots + \left[\frac{[n/p_{k+1}]}{p_k}\right] - \left[\frac{[n/p_{k+1}]}{p_1 p_2}\right] - \cdots - \left[\frac{[n/p_{k+1}]}{p_{k-1} p_k}\right] + \cdots + (-1)^{k-1} \left[\frac{[n/p_{k+1}]}{p_1 p_2 \cdots p_k}\right]$$

is the number of integers from 1 through $n$ that are divisible by $p_{k+1}$ and
also by at least one of the primes $p_1, p_2, \ldots, p_k$. Using the fact that

$$\left[\frac{[n/p_{k+1}]}{p_1 p_2 \cdots p_t}\right] = \left[\frac{n}{p_1 p_2 \cdots p_t\, p_{k+1}}\right]$$

and subtracting $M'_k$ from $\left[\frac{n}{p_{k+1}}\right]$, we have

$$\left[\frac{n}{p_{k+1}}\right] - \left[\frac{n}{p_1 p_{k+1}}\right] - \cdots - \left[\frac{n}{p_k p_{k+1}}\right] + \left[\frac{n}{p_1 p_2 p_{k+1}}\right] + \cdots + (-1)^{k} \left[\frac{n}{p_1 p_2 \cdots p_k p_{k+1}}\right] \tag{8}$$

as the number of integers from 1 through $n$ that are divisible by $p_{k+1}$ but
not by any of the primes $p_1, p_2, \ldots, p_k$. Adding this number (8) to
the number (7) of integers from 1 through $n$ that are divisible by at least
one of $p_1, p_2, \ldots, p_k$, we find that

$$M_{k+1} = \left[\frac{n}{p_1}\right] + \cdots + \left[\frac{n}{p_k}\right] + \left[\frac{n}{p_{k+1}}\right] - \left[\frac{n}{p_1 p_2}\right] - \cdots - \left[\frac{n}{p_k p_{k+1}}\right] + \cdots + (-1)^{k} \left[\frac{n}{p_1 p_2 \cdots p_k p_{k+1}}\right]$$

is the number of integers from 1 through $n$ that are divisible by at least one
of the primes $p_1, p_2, \ldots, p_k, p_{k+1}$. This formula (7) with $k = r$,
therefore, holds for the first $r$ primes. But by Theorem 3-2 any positive integer
less than or equal to $n$ and greater than $p_r$ is a prime unless it is divisible by
one of these first $r$ primes. Hence, $n - M_r$ is the number of integers
from 1 through $n$ that are prime to $p_1, p_2, \ldots,$ and $p_r$. Consequently,
this number counts the integer 1 and all primes greater than $p_r$, but it
does not include the primes $p_1, p_2, \ldots, p_r$ themselves. Therefore

$$\pi(n) = n - M_r + r - 1$$

is the number of positive primes that are less than or equal to $n$.

Sometimes the symbol $\phi(n, r)$ is used to indicate the number of positive
integers not exceeding $n$ and prime to the first $r$ primes. Then
$\phi(n, r) = n - M_r$, and the number of positive primes not exceeding $n$ can be
written

$$\pi(n) = \phi(n, r) + r - 1$$

where $r$ is the number of positive primes not exceeding $\sqrt{n}$.
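The count in Theorem 3-20 can be carried out mechanically. The following Python sketch is an added example, not part of the text: it evaluates $M_r$ by the inclusion-exclusion sum (7) and also computes $\phi(n, r)$ by the induction step of the proof, $\phi(n, k+1) = \phi(n, k) - \phi([n/p_{k+1}], k)$; the function names are chosen here for illustration.

```python
from itertools import combinations
from math import isqrt, prod


def primes_up_to(limit):
    """Sieve of Eratosthenes: all primes p <= limit."""
    if limit < 2:
        return []
    sieve = [True] * (limit + 1)
    sieve[0] = sieve[1] = False
    for p in range(2, isqrt(limit) + 1):
        if sieve[p]:
            for multiple in range(p * p, limit + 1, p):
                sieve[multiple] = False
    return [p for p, is_prime in enumerate(sieve) if is_prime]


def m_inclusion_exclusion(n, primes):
    """M_r of formula (7): integers in 1..n divisible by at least one prime.

    Each product of `size` distinct primes contributes [n / product]
    with sign (-1)^(size - 1).
    """
    total = 0
    for size in range(1, len(primes) + 1):
        sign = 1 if size % 2 else -1
        for subset in combinations(primes, size):
            total += sign * (n // prod(subset))
    return total


def phi_legendre(n, primes, r=None):
    """phi(n, r): integers in 1..n prime to the first r entries of `primes`.

    The multiples of p_r that are prime to p_1..p_(r-1) are counted by
    operating on [n / p_r] just as on n, which gives the recursion
        phi(n, r) = phi(n, r - 1) - phi([n / p_r], r - 1).
    """
    if r is None:
        r = len(primes)
    if r == 0 or n == 0:
        return n
    return (phi_legendre(n, primes, r - 1)
            - phi_legendre(n // primes[r - 1], primes, r - 1))


def legendre_pi(n):
    """pi(n) = phi(n, r) + r - 1, with r the number of primes <= sqrt(n)."""
    if n < 1:
        raise ValueError("n must be a positive integer")
    primes = primes_up_to(isqrt(n))
    return phi_legendre(n, primes) + len(primes) - 1


if __name__ == "__main__":
    small = primes_up_to(isqrt(100))           # [2, 3, 5, 7]
    print("M_r      =", m_inclusion_exclusion(100, small))
    print("phi(n,r) =", phi_legendre(100, small))
    print("pi(100)  =", legendre_pi(100))
```

The explicit sum has $2^r - 1$ terms, which is why the text calls the formula impracticable for large $n$; the recursion stops early whenever $[n/p]$ reaches 0.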

This formula obviously becomes impracticable when $n$ is large. In
1870 Meissel developed another formula the use of which is less
cumbersome, but even though his method has been improved upon,* no
expeditious method for finding the exact number of positive primes less than
a large $n$ has been discovered.

On the other hand, due to the work of Legendre and Gauss (1777-1855)
in applying analysis to the theory of numbers, we have formulas which
approximate the number of primes not exceeding $x$. Legendre stated the
empirical formula

$$F(x) = \frac{x}{\log x - 1.08366}$$

which agrees very well with $\pi(x)$ so long as $x$ is not greater than 1,000,000.
Gauss discovered "the integral logarithm of $x$,"

$$\operatorname{Li}(x) = \int_2^x \frac{dt}{\log t}$$

but we have no reason to believe that he developed a proof of it. Basing
their work on that of Riemann (1826-1866), mathematicians succeeded
in developing an asymptotic formula that is a refinement of Gauss'
observation. By 1900 they had proved what is called "the prime number
theorem,"

$$\lim_{x \to \infty} \frac{\pi(x)}{x / \log x} = 1$$

As recently as 1948 Paul Erdős and Atle Selberg developed new and more
elementary methods for showing this limit.

As a matter of fact although many theorems about primes have been
demonstrated, we can still state a large number of theories that
mathematicians believe to be true but which remain unproved. We have seen
that Euclid established an interval within which there must be a prime.
Again it has been proved that if $p_1, p_2, \ldots, p_{n-1}$ are the first $n - 1$
primes, when $n > 4$, the next prime $p_n$ is such that

$$p_n < p_1 p_2 \cdots p_{n-1}$$

Furthermore,  Tchebysheff  (1821-1894)  developed  a  better  result  by 
proving  that  for  a  real  number  n  >  \  there  is  always  at  least  one  prime 
between  n  and  2n  —  2.  But  the  problem  of  naming  the  next  prime  after 
any  given  prime  remains  unsolved.  Likewise,  we  have  no  formula  for 
finding  even  one  prime  greater  than  a  given  one. 

It has been previously pointed out that Dirichlet (1805-1859) proved
that there is an infinite number of primes among the terms of any
arithmetic progression in which the first term and the difference are relatively
prime. Kronecker (1823-1891) later showed an interval within which
the next prime after a given one of such a progression must lie.

* A. Brauer, Am. Math. Monthly, Vol. 53, No. 5, pp. 521-523, 1946.

Kronecker remarked, but there is no proof, that every positive even
integer can be represented as the difference of two positive primes in
infinitely many ways. If this theorem is true, it means that there are
infinitely many pairs of primes that differ by 2, and hence no matter how
far out we go in the sequence of consecutive positive integers there will
always be primes that are as close to each other as it is possible for them
to be. Of course the frequency of the appearance of such primes decreases
as the primes increase in size. We can show, moreover, that if we take
sufficiently large positive integers, we can find as many consecutive
integers as we please all of which are composites, for none of the integers

$$n! + 2,\ n! + 3,\ \ldots,\ n! + n$$

is a prime when $n > 1$. Hence, as we move out in the sequence of
positive integers, there must be consecutive primes whose difference is larger
than any assigned integer.

Euler  mentioned  that  Goldbach  (1742)  had  stated  the  empirical 
theorem  that  every  even  integer  greater  than  2  can  be  represented  as  the 
sum  of  two  positive  primes.  Although  the  truth  of  this  conjecture  has 
been  verified  in  many  cases,  it  has  never  been  proved.  Goldbach  also 
said  that  every  odd  integer  greater  than  or  equal  to  9  is  the  sum  of  three 
odd  primes.  In  1937  Vinogradov  proved  by  analytical  means  that  this 
theorem  is  true  for  sufficiently  large  odd  integers. 

If we examine a table of primes, we notice that there is at least one
prime between any two consecutive squares $n^2$ and $(n + 1)^2$, but whether
or not this statement is always true, we do not know. Again, we do not
know whether or not there is an infinite number of primes of the form
$(2n)^2 + 1$.

Table of Primes

    2   233   547   877  1229  1597  1993  2371  2749
    3   239   557   881  1231  1601  1997  2377  2753
    5   241   563   883  1237  1607  1999  2381  2767
    7   251   569   887  1249  1609  2003  2383  2777
   11   257   571   907  1259  1613  2011  2389  2789
   13   263   577   911  1277  1619  2017  2393  2791
   17   269   587   919  1279  1621  2027  2399  2797
   19   271   593   929  1283  1627  2029  2411  2801
   23   277   599   937  1289  1637  2039  2417  2803
   29   281   601   941  1291  1657  2053  2423  2819
   31   283   607   947  1297  1663  2063  2437  2833
   37   293   613   953  1301  1667  2069  2441  2837
   41   307   617   967  1303  1669  2081  2447  2843
   43   311   619   971  1307  1693  2083  2459  2851
   47   313   631   977  1319  1697  2087  2467  2857
   53   317   641   983  1321  1699  2089  2473  2861
   59   331   643   991  1327  1709  2099  2477  2879
   61   337   647   997  1361  1721  2111  2503  2887
   67   347   653  1009  1367  1723  2113  2521  2897
   71   349   659  1013  1373  1733  2129  2531  2903
   73   353   661  1019  1381  1741  2131  2539  2909
   79   359   673  1021  1399  1747  2137  2543  2917
   83   367   677  1031  1409  1753  2141  2549  2927
   89   373   683  1033  1423  1759  2143  2551  2939
   97   379   691  1039  1427  1777  2153  2557  2953
  101   383   701  1049  1429  1783  2161  2579  2957
  103   389   709  1051  1433  1787  2179  2591  2963
  107   397   719  1061  1439  1789  2203  2593  2969
  109   401   727  1063  1447  1801  2207  2609  2971
  113   409   733  1069  1451  1811  2213  2617  2999
  127   419   739  1087  1453  1823  2221  2621  3001
  131   421   743  1091  1459  1831  2237  2633  3011
  137   431   751  1093  1471  1847  2239  2647  3019
  139   433   757  1097  1481  1861  2243  2657  3023
  149   439   761  1103  1483  1867  2251  2659  3037
  151   443   769  1109  1487  1871  2267  2663  3041
  157   449   773  1117  1489  1873  2269  2671  3049
  163   457   787  1123  1493  1877  2273  2677  3061
  167   461   797  1129  1499  1879  2281  2683  3067
  173   463   809  1151  1511  1889  2287  2687  3079
  179   467   811  1153  1523  1901  2293  2689  3083
  181   479   821  1163  1531  1907  2297  2693  3089
  191   487   823  1171  1543  1913  2309  2699  3109
  193   491   827  1181  1549  1931  2311  2707  3119
  197   499   829  1187  1553  1933  2333  2711  3121
  199   503   839  1193  1559  1949  2339  2713  3137
  211   509   853  1201  1567  1951  2341  2719  3163
  223   521   857  1213  1571  1973  2347  2729  3167
  227   523   859  1217  1579  1979  2351  2731  3169
  229   541   863  1223  1583  1987  2357  2741  3181


CHAPTER  4 
PROPERTIES  OF  CONGRUENCES 


4-1. Congruent Integers. We have shown that when $n$ and $m \neq 0$
are given, the integer $n$ can be expressed uniquely in the form

$$n = qm + r \qquad 0 \le r < |m|$$

Now we separate all integers $n$ into $|m|$ classes according to the remainders
$r$ that they yield upon being divided by $m$. We say that two integers
are congruent modulo $m$ if and only if the integers produce the same least
nonnegative remainder upon being divided by $m \neq 0$.

Gauss (1777-1855) introduced this idea of congruence, and it was he
who suggested the notation: $a \equiv b \pmod{m}$, which is read, "$a$ is congruent
to $b$ modulo $m$," or "$a$ is congruent to $b$ for the modulus $m$." The value
of this concept and its symbol is that emphasis is placed upon the
important integers in the equations

$$a = q_1 m + r$$

and

$$b = q_2 m + r \qquad 0 \le r < |m|$$

Since the definition requires that when $a \equiv b \pmod{m}$ the remainders
in the above equations be identical, it follows immediately that the
difference $a - b$ is divisible by $m$. Conversely, if $a - b = km$, then
$a \equiv b \pmod{m}$, for if $a = q_1 m + r_1$ and $b = q_2 m + r_2$, where
$0 \le r_1, r_2 < |m|$, then $a - b = m(q_1 - q_2) + r_1 - r_2$, and $r_1 - r_2$ is
divisible by $m$. Therefore, $r_1 = r_2$. Thus we have:

Theorem 4-1. Two integers are congruent modulo $m$ if and only if
their difference is divisible by $m \neq 0$.

If $a$ and $b$ have distinct remainders $r_1$ and $r_2$, where $0 \le r_1, r_2 < |m|$,
upon being divided by $m$, then $a$ and $b$ are said to be incongruent modulo $m$.
The difference between two incongruent integers modulo $m$ is, therefore,
not divisible by $m$. In this case we write: $a \not\equiv b \pmod{m}$.

When two integers are congruent to each other modulo $m$, each is said
to be a residue of the other for that modulus. Thus, because
$12 \equiv 2 \pmod{10}$, 2 is a residue of 12, and 12 is a residue of 2 modulo 10.

The  totality  of  integers  congruent  to  a  given  integer  for  the  modulus  m 
constitutes  a  residue  class  modulo  m. 

These definitions imply that each integer belongs to exactly one residue
class for a given modulus and that each residue class modulo $m$ contains
one and only one of the integers $0, 1, 2, \ldots, |m| - 1$. Hence, there
are exactly $|m|$ residue classes modulo $m$.

Any set of $|m|$ integers selected so that no two of them belong to the
same residue class modulo $m$ forms a complete residue system modulo $m$.
Thus for the modulus $m$ the set of integers $0, 1, 2, \ldots, |m| - 1$ or the
set $1, 2, 3, \ldots, |m|$ is often chosen to represent the classes of which the
individual integers are members. The class represented by 0 contains all
and only multiples of $m$, and the class represented by $r$ consists of all the
integers of the form $km + r$. Any set of $|m|$ integers containing one and
only one integer represented by each of the forms $km$, $km + 1$, $km + 2$,
$\ldots$, $km + |m| - 1$ is, therefore, a complete residue system modulo $m$.

Since, as we have already shown, an integer is or is not prime to $m$
according as the remainder obtained upon its division by $m$ is or is not
prime to $m$, the set of remainders from 1 through $|m| - 1$ which are prime
to $m$ represents all and only the integers that are prime to $m$. These
integers, prime to $m$, are thus separated into residue classes modulo $m$
that are in one-to-one correspondence with the positive integers from 1
through $|m| - 1$ that are prime to $m$.

Any set of integers prime to $m$ and selected so that one and only one
of them belongs to each of the residue classes of integers prime to $m$ for
the modulus $m$ constitutes a reduced residue system modulo $m$. For the
modulus 5 the set 1, 2, 3, 4 is a reduced residue system, but for the
modulus 6 the integers 1 and 5, as well as the set 1 and $-1$, form such a
system.

It is evident also that the residue classes for the modulus $m$ are
identical with the residue classes modulo $-m$, for when the sign of $m$ is
changed, we need change only the sign of $q$ in the equation

$$a = qm + r \qquad 0 \le r < |m|$$

Thus any congruence that holds for either $m$ or $-m$ as modulus holds for
the other one. It is convenient, therefore, to use only positive integers
as moduli, and we shall hereafter adhere to this convention without
making a specific statement of the fact in the discussion.

4-2.  Basic  Properties  of  Congruences.  The  relation  of  congruence 
has  some  properties  similar  to  those  of  equality: 

1. For any modulus $m$, $a \equiv a \pmod{m}$.

2. If $a \equiv b \pmod{m}$, then $b \equiv a \pmod{m}$.

3. If $a \equiv b \pmod{m}$ and $b \equiv c \pmod{m}$, then $a \equiv c \pmod{m}$.

4. If $a \equiv b \pmod{m}$ and $c \equiv d \pmod{m}$, then $a \pm c \equiv b \pm d \pmod{m}$.
From the equations $a = b + km$, $c = d + tm$, we have
$a \pm c = b \pm d + Lm$.

5. If $a \equiv b \pmod{m}$ and $c \equiv d \pmod{m}$, then $ac \equiv bd \pmod{m}$.

6. If $a \equiv b \pmod{m}$, then $a^n \equiv b^n \pmod{m}$, where $n$ is a positive integer.

7. If $a \equiv b \pmod{m}$ and $f(x) = a_0 x^n + a_1 x^{n-1} + \cdots + a_n$ is an
integral rational function of $x$ with integral coefficients, then
$f(a) \equiv f(b) \pmod{m}$.

The first three statements show that the congruence relation is reflexive,
symmetric, and transitive. It is also clear that when $a + b \equiv c \pmod{m}$
and $b \equiv d \pmod{m}$, then $a + d \equiv c \pmod{m}$. In a congruence the laws
thus permit the substitution of a number or expression in the place of a
term congruent to it for the given modulus. The application of the fifth
statement allows us to conclude that when $ac + b \equiv 0 \pmod{m}$ and
$c \equiv e \pmod{m}$, then $ae + b \equiv 0 \pmod{m}$. Accordingly, we infer that for
a given modulus a congruent number or expression may be substituted
for a factor of a term of a congruence.

When "equality" is the relation, substitutions of the above types are
just two of those covered by the familiar postulate, "Equals may be
substituted for equals in any operation." It is, however, not true that
integers which are congruent for a modulus $m$ may always be substituted
one for the other in a congruence modulo $m$. If $a^s \equiv b \pmod{m}$ and
$s \equiv t \pmod{m}$, it need not happen that $a^t \equiv b \pmod{m}$, for $a^s$ need not be
congruent to $a^t$ modulo $m$. Notice that $5^2 \equiv 4 \pmod{7}$ and that
$2 \equiv 9 \pmod{7}$ but $5^9 \equiv 6 \pmod{7}$, so that $5^2 \not\equiv 5^9 \pmod{7}$.

The  congruence  relation  also  has  the  following  properties  that  pertain 
to  division: 

1. If $d$ is a divisor of $m$ and $a \equiv b \pmod{m}$, then $a \equiv b \pmod{d}$.

2. If $a \equiv b \pmod{m_1}$ and $a \equiv b \pmod{m_2}$, then $a \equiv b \pmod{L}$, where $L$
is the least common multiple of $m_1$ and $m_2$.

3. If $ac \equiv bc \pmod{m}$ and $c \neq 0$ is such that $(c, m) = 1$, then
$a \equiv b \pmod{m}$.

4. If $ac \equiv bc \pmod{m}$ and $(c, m) = d$, then $a \equiv b \pmod{m_0}$, where
$m = m_0 d$.

Examples. 1. We can find the remainder when $2^{30}$ is divided by 17
by simple operations on congruences. Since $2^4 \equiv 16 \pmod{17}$ and
$16 \equiv -1 \pmod{17}$, we have $2^4 \equiv -1 \pmod{17}$. Raising each member of the
congruence to the seventh power, we obtain $2^{28} \equiv -1 \pmod{17}$. But
$2^2 \equiv 4 \pmod{17}$, and therefore $2^{30} \equiv -4 \pmod{17}$, or $2^{30} \equiv 13 \pmod{17}$.

2. We know that $10 \equiv 1 \pmod{3}$. Accordingly,
$a_0 (10)^n + a_1 (10)^{n-1} + \cdots + a_n \equiv a_0 + a_1 + \cdots + a_n \pmod{3}$.
Thus a number written in the scale of 10 is divisible by 3 if and only if the
sum of its digits is divisible by 3.
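The first example and the warning about exponents can be checked mechanically. The Python sketch below is an added illustration, not part of the text: `power_residue` reduces after every multiplication, which properties 5 and 6 permit, and `multiplicative_order` goes one step beyond the text to show which modulus the exponents of a base prime to $m$ may be reduced by; all function names are chosen here.

```python
from math import gcd


def power_residue(a, n, m):
    """Least nonnegative residue of a**n modulo m, by repeated squaring.

    Property 5 lets each product be replaced by its residue, and
    property 6 lets a residue be squared in place of the full power.
    """
    if m <= 0 or n < 0:
        raise ValueError("need modulus m > 0 and exponent n >= 0")
    result = 1 % m
    square = a % m
    while n:
        if n & 1:
            result = (result * square) % m
        square = (square * square) % m
        n >>= 1
    return result


def multiplicative_order(a, m):
    """Smallest e > 0 with a**e congruent to 1 modulo m; needs (a, m) = 1."""
    if m <= 0 or gcd(a, m) != 1:
        raise ValueError("a must be prime to the positive modulus m")
    if m == 1:
        return 1
    e, x = 1, a % m
    while x != 1:
        x = (x * a) % m
        e += 1
    return e


def exponents_interchangeable(a, s, t, m):
    """True when a**s and a**t are congruent modulo m, for (a, m) = 1.

    The exponents must be congruent modulo the order of a, not modulo m.
    """
    return (s - t) % multiplicative_order(a, m) == 0


if __name__ == "__main__":
    print(power_residue(2, 30, 17))                 # Example 1 of the text
    print(power_residue(5, 2, 7), power_residue(5, 9, 7))
    print(multiplicative_order(5, 7))
    print(exponents_interchangeable(5, 2, 9, 7))    # 2 and 9 agree only mod 7
    print(exponents_interchangeable(5, 2, 8, 7))    # 2 and 8 agree mod 6
```

Reducing an exponent by the wrong modulus is a common implementation error in code built on modular exponentiation, so the distinction drawn in the text is worth testing for directly.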

EXERCISES 

1. Find the remainder when $7^{10}$ is divided by 51; when $3^{10}$ is divided by 51; when
$21^{10}$ is divided by 51.

2. Find the remainder when $5^{21}$ is divided by 127. Do the same for $5^{66}$.

3. Prove that $2^{11} - 1$ has the factor 23 and that $2^{23} - 1$ has the factor 47.

4. If $a \equiv b \pmod{m}$, prove that the greatest common divisor of $a$ and $m$ is the
greatest common divisor of $b$ and $m$. State this result in terms of the integers of a
residue class modulo $m$.

5. If $a + b \equiv c \pmod{m}$ and $b \equiv d \pmod{m}$, show that $a + d \equiv c \pmod{m}$.

6. If $ab \equiv c \pmod{m}$ and $b \equiv d \pmod{m}$, show that $ad \equiv c \pmod{m}$.

7. Since $2^4 \equiv 1 \pmod{5}$ and $4 \equiv 9 \pmod{5}$, is $2^9 \equiv 1 \pmod{5}$? Explain.

8. Prove that an integer is divisible by 9 if and only if the sum of its digits is
divisible by 9.

9. Prove that an integer is divisible by 8 if and only if the number formed by its
last three digits is divisible by 8.

10. Prove that an integer is divisible by 11 if and only if the sum of the digits in the
odd-numbered places diminished by the sum of the digits in the even-numbered places
is divisible by 11.

11.  If  an  integer  N  is  written  in  the  scale  of  r  and  then  its  digits  are  rearranged  in 
any  way  to  form  the  integer  M,  the  difference  N  —  M  is  divisible  by  r  —  1. 

4-3. The Residue Classes. The properties of congruences stated
above show that as far as the operations of addition, subtraction, and
multiplication are concerned the elements in any two residue classes for
the modulus $m$ combine to give results that are always in the residue class
designated by carrying out the very operations on any convenient
representatives of the classes. Thus if an element $a$ of class $A$ is added to an
element $b$ of class $B$ and the result $a + b$ is in the class $C$, then if any
element of $A$ is added to any element of $B$, the result will be in class $C$.
Because subtraction is always possible, it follows, moreover, that when
$a + b$ is an element of class $C$, any element $a + b + km$ of $C$ can be
expressed as the sum of an element of $A$ and one of $B$.

It is important to notice, however, that although the result of
multiplying any element of class $A$ by an element of class $B$ is always in the
same class $D$, say, yet each element of $D$ need not be a product of an
element from $A$ and an element from $B$. Take, for instance, the residue
classes modulo 10. When any element of the class represented by 2 is
multiplied by an element of the class of 3, the result is an element in the
class represented by 6. Yet the particular element 16, which is
congruent to 6 modulo 10, cannot be written as the product of two factors,
one from the class of 2 and the other from the class of 3, for if

$$16 = (2 + 10k)(3 + 10t)$$

an odd number would divide 16.

It is interesting to notice also that $2 \cdot 5 \equiv 4 \pmod{6}$ as well as
$2 \cdot 2 \equiv 4 \pmod{6}$; that is, the same least positive residue
$2 \not\equiv 0 \pmod{6}$ can be multiplied by either one of the distinct least
positive residues 2 and 5 to produce a number of the class of 4 modulo 6. If we
examine the least positive residues of any prime, we find that no such thing
happens when we do not choose the first factor from the class of zero for the
given prime. To prove this statement, let $p$ be a prime, and suppose that
$ac_1 \equiv b \pmod{p}$ and $ac_2 \equiv b \pmod{p}$. Therefore,
$ac_1 \equiv ac_2 \pmod{p}$, and since $(a, p) = 1$, $c_1 \equiv c_2 \pmod{p}$. Hence,
$c_1$ and $c_2$ must come from the same residue class modulo $p$.

When we select the integers $a$ and $b$ and ask whether or not there is an
integer $x$ such that $ax \equiv b \pmod{m}$, it is evident that we are dealing with
a problem in division, the inverse of multiplication. We have, therefore,
shown that when we divide $b$ by $a$ for the modulus $m$, it is possible to have
results that do not belong to the same residue class for that modulus.
It may happen, of course, that all answers are in but one residue class as
is true in the case of the congruence $5x \equiv 1 \pmod{6}$. But it is also
possible that there be no answer whatever, for a solution of $2x \equiv 1 \pmod{6}$
would demand that $2x = 1 + 6k$ and that 2 divide 1. Consequently, we
must proceed with care, for division modulo $m$ is not always possible and,
when it is, need not yield a unique result.

One of the important ideas of arithmetic is that if $ab = 0$ and $a \neq 0$,
then $b$ must be 0. Suppose that

$$ab \equiv 0 \pmod{m}$$

Is it necessary that either $a$ or $b$ be in the class of 0 for the modulus $m$?
When the modulus is 6, we notice immediately that $2 \cdot 3 \equiv 0 \pmod{6}$ and
that neither 2 nor 3 is congruent to 0 modulo 6. But when the modulus
is a prime $p$ and $ab \equiv 0 \pmod{p}$, both $a$ and $b$ cannot come from the set
of integers $1, 2, 3, \ldots, p - 1$, for the product of any two of these
integers is prime to $p$. Consequently, we see that in this case a product
is not congruent to 0 unless at least one factor is in the class of 0 for the
given modulus. When the modulus $m$ is composite, however, by
factoring $m \neq 0$ so that $m = n_1 n_2$, where $1 < n_1 < m$, it follows that
$n_1 n_2 \equiv 0 \pmod{m}$.

We call any integers $n_1$ and $n_2$, neither one of which is in the class of 0
modulo $m$, but whose product is congruent to 0 for the modulus $m$,
divisors of zero modulo $m$. The existence of divisors of zero for a
composite modulus again reminds us of the need of caution in applying the
idea of division to the notion of congruence.
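The three outcomes of division modulo $m$ described above (no answer, one residue class, several residue classes) and the divisors of zero can be made concrete. The Python sketch below is an added example, not part of the text; it assumes the standard criterion that $ax \equiv b \pmod{m}$ is solvable exactly when $(a, m)$ divides $b$, in which case there are $(a, m)$ solutions among the least nonnegative residues, and the function names are chosen here.

```python
def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g, g the g.c.d. of a and b."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def solve_linear_congruence(a, b, m):
    """All x in 0..m-1 with a*x congruent to b modulo m (possibly none)."""
    if m <= 0:
        raise ValueError("modulus must be positive")
    a %= m
    b %= m
    g, x0, _ = extended_gcd(a, m)       # a*x0 is congruent to g modulo m
    if b % g:
        return []                       # g does not divide b: no solution
    step = m // g                       # solutions repeat with period m / g
    base = (x0 * (b // g)) % step
    return [base + i * step for i in range(g)]


def zero_divisors(m):
    """Pairs (n1, n2), 1 <= n1 <= n2 < m, with n1*n2 congruent to 0 mod m."""
    return [(n1, n2)
            for n1 in range(1, m)
            for n2 in range(n1, m)
            if (n1 * n2) % m == 0]


if __name__ == "__main__":
    print(solve_linear_congruence(5, 1, 6))   # one residue class
    print(solve_linear_congruence(2, 1, 6))   # no solution
    print(solve_linear_congruence(2, 4, 6))   # two residue classes
    print(zero_divisors(6))                   # composite modulus
    print(zero_divisors(7))                   # prime modulus: none
```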


EXERCISES 

1. Show that although $2(6) \equiv 26 \pmod{14}$, 26 cannot be factored into integers such
that one is in the class of 2 and the other in the class of 6 modulo 14.

2. Find numbers in the class of 10 modulo 11 that can, and some that cannot, be
expressed as a product of two integers, one from the class of 2 and the other from the
class of 5 modulo 11.

3. How many solutions do each of the following congruences have?

$2x \equiv 6 \pmod{10}$
$2x \equiv 3 \pmod{4}$
$2x \equiv 3 \pmod{5}$
Sx $\equiv 6 \pmod{15}$

4. Find some divisors of zero modulo 12.

5. Compare the residue classes of the powers of 2, 4, and 7 modulo 15 with those of
the powers of 3, 5, and 6 modulo 15. Can you find a law that governs them?

4-4. Euler's $\phi$ Function. Leonhard Euler (1707-1783) worked in
many fields of pure and applied mathematics. His voluminous
publications were concerned with algebra, the calculus of finite differences, the
differential and integral calculus, the calculus of variations, astronomy,
and analytical mechanics besides the theory of numbers. In the latter
field he discovered the theorems which taken together make up the
quadratic reciprocity law, supplied the proof and generalization of
Fermat's theorem, showed that every prime of the form $4n + 1$ is
expressible as a sum of two squares in exactly one way, as well as making
many less startling but nevertheless important discoveries, one of which
is the $\phi$ function.

The indicator $\phi(m)$ of an integer $m \neq 0$ is the number of positive
integers less than or equal to $|m|$ and prime to $m$. Thus $\phi(m)$ is the
number of integers in a reduced residue system modulo $m$, and
$\phi(m) = \phi(-m)$. Because of this last fact, it will be sufficient to use only
positive integers $m$ in considering the $\phi$ function.

Examples. $\phi(1) = 1$, $\phi(5) = 4$, $\phi(6) = 2$.

It is evident that when $p$ is a positive prime, $\phi(p)$ is $p - 1$.

Theorem 4-2. If $p$ is a positive prime and $n$ is a positive integer,
$\phi(p^n) = p^{n-1}(p - 1)$.

To find $\phi(p^n)$, consider the set of integers

$$1,\ 2,\ \ldots,\ p,\ \ldots,\ 2p,\ \ldots,\ p^2,\ \ldots,\ p^n$$

Each of these integers is either divisible by $p$ or is prime to $p$. But $p^{n-1}$
of them are divisible by $p$. Therefore, $p^n - p^{n-1} = p^{n-1}(p - 1)$ of the
integers from 1 through $p^n$ are prime to $p$.

Any function of the variables $x_i$, where $i = 1, 2, \ldots, r$, is arithmetic
if it assumes only integral values for the sets of integral values of the
variables $x_i$ for which the function is defined. The function $\phi(x)$ is
arithmetic, as are the integral polynomials.

A single-valued arithmetic function $f(x)$ is said to be regular or
multiplicative if, for any $a$ and $b$ which are relatively prime, $f(ab) = f(a)f(b)$.
We shall show that the $\phi$ function is multiplicative.

Theorem 4-3. If $a$ and $b$ are relatively prime, $\phi(ab) = \phi(a)\phi(b)$.

We suppose that the integers $a$ and $b$ are positive and arrange the
integers from 1 through $m = ab$ in the following array suggested by the
residue classes modulo $a$:

$$\begin{array}{ccccccc}
1 & 2 & 3 & \cdots & k & \cdots & a \\
a + 1 & a + 2 & a + 3 & \cdots & a + k & \cdots & 2a \\
2a + 1 & 2a + 2 & 2a + 3 & \cdots & 2a + k & \cdots & 3a \\
\vdots & \vdots & \vdots & & \vdots & & \vdots \\
(b-1)a + 1 & (b-1)a + 2 & (b-1)a + 3 & \cdots & (b-1)a + k & \cdots & ba
\end{array}$$


Because an integer is prime to $m$ if and only if it is prime to both $a$ and $b$,
we shall determine first the number of integers in the above array that
are prime to $a$ and then find how many of these are also prime to $b$.

We know that there are $\phi(a)$ integers prime to $a$ in the first row.
Moreover, each integer in the column headed by an integer $k$, from 1
through $a$, is of the form $sa + k$. Furthermore,

$$sa + k \equiv k \pmod{a}$$

Therefore, if the integer $k$ at the top of a column has a divisor in common
with $a$, every integer in that column has that divisor in common with $a$,
and if $k$ is prime to $a$, every integer in that column is prime to $a$. There
are then $\phi(a)$ columns of integers that are prime to $a$. How many of
these integers are prime to $b$?

Consider the set of $b$ integers in any column,

$$k, \quad a + k, \quad 2a + k, \quad \ldots, \quad (b - 1)a + k$$

No two of these integers are congruent modulo $b$, for if

$$sa + k \equiv ta + k \pmod{b}$$

then

$$(t - s)a \equiv 0 \pmod{b}$$

and

$$t - s \equiv 0 \pmod{b}$$

since $(a, b) = 1$. But $t$ and $s$ range through the residue system $0, 1,
2, \ldots, b - 1$ modulo $b$, so that unless $t = s$, $t \not\equiv s \pmod{b}$. The $b$
integers of any column are, therefore, in some order congruent modulo $b$
to the integers $1, 2, \ldots, b$. But then exactly $\phi(b)$ of them are prime
to $b$.

Since $\phi(b)$ integers in each of the $\phi(a)$ columns of integers prime to $a$
are also prime to $b$, the number of integers from 1 through $ab$ that are
prime to both $a$ and $b$ is $\phi(a)\phi(b)$.

Theorem 4-4. If $m = p_1^{n_1} p_2^{n_2} \cdots p_r^{n_r}$, where the $p_i$, for $i = 1, 2,
\ldots, r$, are positive primes, $\phi(m) = p_1^{n_1 - 1} p_2^{n_2 - 1} \cdots p_r^{n_r - 1}(p_1 - 1)(p_2 - 1) \cdots (p_r - 1)$.

Since $m$ has been factored into powers of distinct primes,

$$\phi(m) = \phi(p_1^{n_1})\,\phi(p_2^{n_2} \cdots p_r^{n_r})$$

By repeating this process, we find

$$\phi(m) = \phi(p_1^{n_1})\,\phi(p_2^{n_2}) \cdots \phi(p_r^{n_r})$$

from which we infer the desired result.

Corollary. If $m > 2$, $\phi(m)$ is even.

Example. The number of positive integers less than 360 and prime
to 360 is $\phi(360) = 2^2 \cdot 3 \cdot (2 - 1)(3 - 1)(5 - 1) = 96$.

EXERCISES 

1.  Show  that  the  formulas  for  the  number  of  divisors  of  an  integer  m  and  the  sum  of 
the  divisors  are  multiplicative  functions. 

2. Show that, for $n > 1$, the sum of the positive integers less than $n$ and prime to $n$
is $(n/2)\phi(n)$.

3. Show that the sum of the squares of the positive integers less than $n$ and prime to
$n$ is

$$\frac{n^3}{3}\left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_r}\right) + \frac{n}{6}(1 - p_1)(1 - p_2) \cdots (1 - p_r)$$

where $p_1, p_2, \ldots,$ and $p_r$ are the distinct positive prime factors of $n$.

4. Prove that if $n = p_1 p_2 p_3$, where the $p_i$, with $i = 1, 2, 3$, are distinct primes, then
the product of all the positive integers less than $n$ and prime to $n$ is

$$\frac{(n - 1)! \, \prod_{i=1}^{3} (p_i - 1)!}{\prod_{i<j} (p_i p_j - 1)! \, \prod_{i=1}^{3} p_i^{(p_j - 1)(p_k - 1)}}$$

Use the method so developed to find the product of all positive integers less than $n$ and
prime to $n = p_1^{a_1} p_2^{a_2} \cdots p_r^{a_r}$.

5. Set up a method for finding by trial all integers $x$ such that $\phi(x) = n$. Use your
method to find the solutions of $\phi(x) = 16$.

6. If $G(n) = \sum_{d \mid n} \phi(d)$, show that $G(n)$ is multiplicative.

Note that the symbol $\sum_{d \mid n} \phi(d)$ is read "the sum over the divisors of $n$ of $\phi(d)$," and
we understand that we use only the positive divisors of $n$.

Theorem 4-5. If $m = p_1^{n_1} p_2^{n_2} \cdots p_i^{n_i} \cdots p_r^{n_r}$, where the $p_i$, $i = 1,
2, \ldots, r$, are distinct positive primes, the number of integers from 1
through $m$ that are prime to $p_1, p_2, \ldots, p_i$ is $m(1 - (1/p_1))(1 - (1/p_2))
\cdots (1 - (1/p_i))$.

It is sometimes important to find the number of positive integers not
greater than the positive integer $m$ and prime to some but not all of the
prime factors of $m$. For instance, we may wish to know the number of
positive integers less than 360 and prime to 2 and 5.

When $m = p_1^{n_1} p_2^{n_2} \cdots p_r^{n_r}$, it is evident that the number of integers
from 1 through $m$ that are divisible by $p_1$ is $m/p_1$, leaving then $m -
(m/p_1) = m(1 - (1/p_1))$ integers that are prime to $p_1$.

Proceeding by induction, suppose that the number of integers from 1
through $m$ that are prime to $p_1, p_2, \ldots,$ and $p_k$ is

$$m\left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_k}\right) \qquad (1)$$

Some of these integers, however, are divisible by $p_{k+1}$. We wish,
therefore, to subtract from the above number the number of integers from 1
through $m$ that are divisible by $p_{k+1}$ and at the same time are prime to
$p_1, p_2, \ldots, p_k$. To find this number, first consider the integers of the
set from 1 through $m$ that are multiples of $p_{k+1}$. They are

$$p_{k+1}, \; 2p_{k+1}, \; 3p_{k+1}, \; \ldots, \; \frac{m}{p_{k+1}}\,p_{k+1}$$

Since any integer $cp_{k+1}$ is or is not prime to $p_1, p_2, \ldots,$ and $p_k$ according
as its coefficient $c$ is or is not prime to $p_1, p_2, \ldots,$ and $p_k$, we must ask
how many integers of the set

$$1, 2, 3, \ldots, \frac{m}{p_{k+1}}$$

are prime to $p_1, p_2, \ldots,$ and $p_k$. Referring to our inductive assumption
(1), we consequently know that

$$\frac{m}{p_{k+1}}\left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_k}\right) \qquad (2)$$

is the number of integers from 1 through $m/p_{k+1}$ that are prime to $p_1, p_2,
\ldots,$ and $p_k$ and is, therefore, the number of integers from 1 through $m$
divisible by $p_{k+1}$ and also prime to $p_1, p_2, \ldots, p_k$. Subtracting this
last number (2) from the number (1) of integers prime to $p_1, p_2, \ldots, p_k$,
we have

$$m\left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_k}\right) - \frac{m}{p_{k+1}}\left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_k}\right)$$

$$= m\left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_k}\right)\left(1 - \frac{1}{p_{k+1}}\right)$$

as the number of integers from 1 through $m$ that are prime to $p_1, p_2, \ldots,
p_k$ and also $p_{k+1}$. Thus by induction we may write this formula so that
it includes the number of integers from 1 through $m$ that are prime to
some or all of the distinct prime factors of $m$.

Example. If $m = 2^3 \cdot 3^2 \cdot 5^3$, the number of integers from 1 through
$m$ that are prime to 2 and 5 is $2^3 \cdot 3^2 \cdot 5^3 (1 - \frac{1}{2})(1 - \frac{1}{5}) = 3600$.

Theorem 4-6. If the positive integer $m = kd$, the number of integers
$n$ from 1 through $m$ having the property that $d$ is the greatest common
divisor of $n$ and $m$ is $\phi(k)$.

Consider the integers $1, 2, \ldots, d, \ldots, 2d, \ldots, kd$. There are
$k$ multiples of $d$ in this set, but the integers $td$ and $m = kd$ have the
greatest common divisor $d$ if and only if $t$ and $k$ are relatively prime. Since $t$
has the values $1, 2, \ldots, k$, there are exactly $\phi(k)$ integers from 1
through $m$ that have with $m$ the greatest common divisor $d$.

Theorem 4-7. If $d_1, d_2, \ldots, d_r$ are the distinct positive divisors of
$m \neq 0$, then $\sum_{d \mid m} \phi(d) = \phi(d_1) + \phi(d_2) + \cdots + \phi(d_r) = |m|$.

Each integer $n$ in the set $1, 2, \ldots, |m|$ has with $m$ one and only one
of the $d_i$, where $i = 1, 2, \ldots, r$, as greatest common divisor.
Consequently, if we pick from this set the integers $n$ such that $(n, m) = d_i$,
where $|m| = d_i d_j$, there will be exactly $\phi(d_j)$ of them. As $d_i$ ranges
through all the positive divisors of $m$, so does $d_j$, and each integer from 1
through $|m|$ will thereby have been put into one and only one class
defined by the greatest common divisor it has with $m$. Recalling that the
symbol $\sum_{d \mid m} \phi(d)$ is read, "the sum over the divisors of $m$ of $\phi(d)$," the sum
of the numbers indicating the sizes of these classes is $\sum_{d \mid m} \phi(d)$.


Examples. 1. If $m = 90$, the number of integers $n$ from 1 through 90
such that $(n, 90) = 6$ is $\phi(15) = 8$. The integers are 6, 12, 24, 42, 48, 66,
78, and 84.

2. The positive divisors of 70 are 1, 2, 5, 7, 10, 14, 35, and 70.
Moreover, $\phi(1) = 1$; $\phi(2) = 1$; $\phi(5) = 4$; $\phi(7) = 6$; $\phi(10) = 4$; $\phi(14) = 6$;
$\phi(35) = 24$; $\phi(70) = 24$; and the sum of these integers is 70.
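
The formula of Theorem 4-4 and the counts in Theorems 4-5, 4-6, and 4-7 can be checked mechanically against the definition of the indicator. The Python below is an added example, not part of the original text; the function names are chosen here for illustration, and the factorization is done by plain trial division.

```python
from math import gcd


def factorize(m):
    """Return {prime: exponent} for an integer m >= 1, by trial division."""
    if m < 1:
        raise ValueError("m must be a positive integer")
    factors = {}
    p = 2
    while p * p <= m:
        while m % p == 0:
            factors[p] = factors.get(p, 0) + 1
            m //= p
        p += 1 if p == 2 else 2      # after 2, try odd candidates only
    if m > 1:                         # whatever is left is a prime factor
        factors[m] = factors.get(m, 0) + 1
    return factors


def phi(m):
    """Theorem 4-4: product of p^(n-1) * (p - 1) over the prime powers of |m|."""
    if m == 0:
        raise ValueError("the indicator is defined only for m != 0")
    result = 1
    for p, n in factorize(abs(m)).items():
        result *= p ** (n - 1) * (p - 1)
    return result


def phi_by_count(m):
    """The definition: how many k in 1..|m| are prime to m."""
    m = abs(m)
    return sum(1 for k in range(1, m + 1) if gcd(k, m) == 1)


def count_prime_to(m, primes):
    """Theorem 4-5: integers in 1..m prime to each listed prime factor of m."""
    known = factorize(m)
    count = m
    for p in set(primes):
        if p not in known:
            raise ValueError(f"{p} is not a prime factor of {m}")
        count = count // p * (p - 1)  # exact, since p still divides count
    return count


def gcd_classes(m):
    """Theorems 4-6 and 4-7: sort 1..m into classes by d = gcd(n, m)."""
    classes = {}
    for n in range(1, m + 1):
        classes.setdefault(gcd(n, m), []).append(n)
    return classes


if __name__ == "__main__":
    print("phi(360) =", phi(360))
    print("prime to 2 and 5, up to 2^3*3^2*5^3:",
          count_prime_to(2**3 * 3**2 * 5**3, [2, 5]))
    print("n with (n, 90) = 6:", gcd_classes(90)[6])
    for d, members in sorted(gcd_classes(70).items()):
        # class d has phi(70/d) members; the class sizes add up to 70
        print(f"d = {d:2d}: {len(members):2d} integers, phi({70 // d}) = {phi(70 // d)}")
```
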

4-5. Residue Systems Modulo m. Take any integer $a$ prime to
$m > 1$, and let

$$r_1, r_2, \ldots, r_m$$

be a complete residue system modulo $m$. Form the products

$$ar_1, ar_2, \ldots, ar_m$$

No two of these $m$ integers are congruent modulo $m$, for if $i \neq j$ and

$$ar_i \equiv ar_j \pmod{m}$$

then

$$r_i \equiv r_j \pmod{m}$$

which is contrary to our assumption. Consequently, these integers
represent the $m$ residue classes modulo $m$.

Moreover, if

$$r_1, r_2, \ldots, r_{\phi(m)}$$

is a reduced residue system modulo $m$ and $(a, m) = 1$, the set

$$ar_1, ar_2, \ldots, ar_{\phi(m)}$$

is also a reduced residue system modulo $m$, for this set contains exactly
$\phi(m)$ integers, all of which are incongruent modulo $m$, and each integer
is itself prime to $m$.

Example. The set $0, 5, 5 \cdot 2, 5 \cdot 3, \ldots, 5 \cdot 11$, or $0, 5, 10, 15, \ldots,
55$, is a complete residue system modulo 12, while 5, 25, 35, 55 is a reduced
residue system modulo 12.

Again if $r_1, r_2, \ldots, r_m$ is a complete residue system modulo $m$,

$$a + r_1, a + r_2, \ldots, a + r_m$$

for any $a \neq 0$ is another complete residue system, for there are $m$ integers
in the set, and if two of them were congruent modulo $m$, when $i \neq j$,

$$a + r_i \equiv a + r_j \pmod{m}$$

then

$$r_i \equiv r_j \pmod{m}$$

Sometimes it is convenient to use the integers of smallest numerical
value to represent the residue classes modulo $m$. If we write any integer
$a$ in the form

$$a = km + r \qquad 0 \le r < m$$

for this system we keep the values of $r$ which do not exceed $m/2$, that is,
the integers from 0 through $m/2$ or $(m - 1)/2$ depending upon whether
$m$ is even or odd. But those values of $r$ which exceed $m/2$ are replaced
by the negative integers of least numerical value to which they are
congruent for the modulus $m$. Since

$$m - r \equiv -r \pmod{m}$$

this complete residue system modulo $m$, when $m$ is even, is

$$0, 1, 2, \ldots, \frac{m}{2}, -\frac{m}{2} + 1, -\frac{m}{2} + 2, \ldots, -2, -1$$

and when $m$ is odd, it is

$$0, 1, 2, \ldots, \frac{m - 1}{2}, -\frac{m - 1}{2}, -\frac{m - 3}{2}, \ldots, -2, -1$$

Examples. For the modulus 14 the set $-6, -5, -4, \ldots, -1, 0,
1, 2, \ldots, 7$ is a complete residue system, but for the modulus 15 the
system using least numerical values is $-7, -6, \ldots, -1, 0, 1, 2, \ldots,
7$.

In Theorem 4-3 we showed that the integers

$$k, k + d, k + 2d, \ldots, k + (b - 1)d$$

of the arithmetic progression in which $(b, d) = 1$ form a complete residue
system modulo $b$.

Furthermore, we can generate a complete residue system modulo $ab$
by using the form $ax + y$, where $x$ takes all the values in a complete
residue system

$$r_1, r_2, \ldots, r_b \qquad (3)$$

for the modulus $b$, and $y$ takes all values in a complete residue system

$$k_1, k_2, \ldots, k_a \qquad (4)$$

modulo $a$. It is evident that the form thereby gives $ab$ integers. These
integers are, moreover, incongruent modulo $ab$, for if

$$ar_i + k_j \equiv ar_s + k_t \pmod{ab}$$

then

$$a(r_i - r_s) \equiv k_t - k_j \pmod{ab}$$

and $a \mid (k_t - k_j)$, so that

$$k_t \equiv k_j \pmod{a}$$

But since no two of the integers of (4) are congruent modulo $a$, $k_t = k_j$.
Hence,

$$a(r_i - r_s) \equiv 0 \pmod{ab}$$

and

$$r_i - r_s \equiv 0 \pmod{b}$$

so that, as above, $r_i = r_s$. Consequently, two integers formed as
described cannot be congruent modulo $ab$ unless they are identical, and
the set, therefore, forms a complete residue system modulo $ab$.

Again when $(a, b) = 1$, if we use the form $ax + by$, letting $x$ have the
values of (3) and $y$ have the values of (4), the resulting $ab$ integers form a
complete residue system modulo $ab$, for if

$$ar_i + bk_j \equiv ar_s + bk_t \pmod{ab}$$

then

$$a(r_i - r_s) \equiv b(k_t - k_j) \pmod{ab}$$

But then $a \mid (k_t - k_j)$, and therefore $k_t = k_j$. Also $b \mid (r_i - r_s)$, so that
$r_i = r_s$. Hence, the given $ab$ integers are distinct modulo $ab$.

It is easy to show also that if $x$ has the values in (3) that are prime to $b$
while $y$ has the values in (4) that are prime to $a$, then when $(a, b) = 1$, the
integers $ax + by$ form a reduced residue system modulo $ab$.

EXERCISES 

1. Use the form $ax + by$ with $(a, b) = 1$ to show that $\phi(ab) = \phi(a)\phi(b)$.

2. Prove Theorem 4-5 by setting up the integers 1 through $m = p_1^{n_1} p_2^{n_2} \cdots p_k^{n_k} s$
in an array of $s$ complete residue systems modulo $p_1^{n_1} p_2^{n_2} \cdots p_k^{n_k}$.

3. Show that $a^{n-1}x + y$ generates a complete residue system modulo $a^n$ if $x$ has the
values in a complete residue system modulo $a$ while $y$ has the values in a complete
residue system modulo $a^{n-1}$.

4. If $f(x)$ is an integral polynomial and if there are $\psi(m)$ integers prime to $m$ in the
set $f(1), f(2), \ldots, f(m)$, prove that when $(a, b) = 1$, $\psi(ab) = \psi(a)\psi(b)$.

5. Find the number of integers prime to $m$ in the set:
a. $1 \cdot 2, 2 \cdot 3, \ldots, m(m + 1)$.
b. $\frac{1 \cdot 2}{2}, \frac{2 \cdot 3}{2}, \ldots, \frac{m(m + 1)}{2}$.

6. For $m > 0$ set up all the permutations $k$ at a time with repetitions allowed of the
positive integers not greater than $m$. Then the number of these sets of $k$ integers
whose greatest common divisor is prime to $m$ is $\phi_k(m)$. Find a formula for $\phi_k(p^n)$, and
show that this function is multiplicative.

7. Without using an enumeration according to size, show that if $a$, $b$, and $c$ are
positive integers and $a = bc$, there are in a complete residue system modulo $a$ exactly
$c$ integers that are divisible by $b$. (Let $c_1, c_2, \ldots, c_c$ be a complete residue system
modulo $c$. Then consider the set $bc_1, bc_2, \ldots, bc_c$.)

8. Can you find an integer the powers of which set up a complete residue system
modulo 13? Can all integers prime to 13 be used to form such a set?

9. By expanding $(1 + 1 + \cdots + 1)^p$, prove that if $p$ is a prime, $a^p \equiv a \pmod{p}$
and hence that when $(a, p) = 1$, $a^{\phi(p)} \equiv 1 \pmod{p}$.


CHAPTER  5 
THE  SOLUTION  OF  CONGRUENCES 


5-1. Identical and Conditional Congruences. In Sec. 4-3 the
consideration of the manner in which residue classes combine led to setting up
a congruence in which we used the symbol $x$ to represent an integer.
For instance, when we asked whether or not there is an integer which
when multiplied by 2 would give an integer in the class of 4 modulo 6, we
were dealing with a congruence of the form $2x \equiv 4 \pmod{6}$. In such
congruences we shall hereafter think of $x$ not as just a symbol for an
unknown integer but as a variable whose values are the rational integers.
By substituting such values in the congruence $2x \equiv 4 \pmod{6}$ it has
already been verified that both 2 and 5 are values of $x$ that satisfy this
congruence. In the general case we shall say that if the constants
$a_1, a_2, \ldots, a_n$ are substituted, respectively, for the variables $x_1, x_2,
\ldots, x_n$ (all of whose values are integers) in the congruence

$$f_1(x_1, x_2, \ldots, x_n) \equiv f_2(x_1, x_2, \ldots, x_n) \pmod{m}$$

where $f_1$ and $f_2$ are integral polynomials in these variables, and if

$$f_1(a_1, a_2, \ldots, a_n) \equiv f_2(a_1, a_2, \ldots, a_n) \pmod{m}$$

then $x_1 = a_1, x_2 = a_2, \ldots, x_n = a_n$ is a solution of the given congruence.
If two integral polynomials $f_1$ and $f_2$ in the variables $x_1, x_2, \ldots, x_n$
are such that the coefficients of like terms are congruent to each other for
the given modulus $m$, then these expressions are said to be identically
congruent for the modulus $m$, and we sometimes write

$$f_1(x_1, x_2, \ldots, x_n) \equiv f_2(x_1, x_2, \ldots, x_n) \pmod{m}$$

calling this congruence an identical congruence although very often we
use only the ordinary sign of congruence to express this relation.
Correspondingly, an integral rational algebraic function $f(x_1, x_2, \ldots, x_n)$ with
integral coefficients is identically congruent to zero for the modulus $m$ if and
only if all its coefficients are divisible by $m$. All the congruences that
involve only constants, such as $a \equiv b \pmod{m}$, are necessarily identical
congruences. $9x^2 - 2x + 5 \equiv 3x^2 + 4x - 1 \pmod{6}$ is an identical
congruence in the single variable $x$. It is evident that an identical
congruence will be satisfied regardless of the integral values that are assigned
to the variables.

On the other hand, we shall call a congruence of the above form, but in
which the left- and right-hand members $f_1$ and $f_2$ are not identically
congruent for the modulus $m$, a conditional congruence.

We shall be concerned chiefly with congruences of the form $f_1(x) \equiv
f_2(x) \pmod{m}$, where $f_1(x)$ and $f_2(x)$ are integral polynomials in $x$. We
know from the properties of congruences that when $r$ is a solution of such
a congruence, every integer in the class with $r$ for the modulus $m$ also
satisfies the congruence, for $f_1(r) \equiv f_1(r + km) \pmod{m}$. This whole
class of integers is considered just one solution of the congruence, and
consequently a solution is itself written in the form of a congruence,
$x \equiv r \pmod{m}$.

Example. The congruence $2x \equiv 6 \pmod{10}$ is satisfied by 3 and 8.
Hence, the complete solutions are written in the form $x \equiv 3 \pmod{10}$ and
$x \equiv 8 \pmod{10}$.

Let us recall that in algebra* two polynomials $f_1(x)$ and $f_2(x)$ are said
to be identically equal if and only if they are equal for all values of $x$, and
hence if and only if corresponding terms have the same coefficients. In
particular, a polynomial vanishes identically if and only if it vanishes for all
values of $x$, which means if and only if all its coefficients are zero. In
contrast, consider the congruence $x^3 - x \equiv 0 \pmod{3}$, and observe that
although for the modulus 3 the polynomial $x^3 - x$ is congruent to zero for
all values of $x$, yet not all its coefficients are congruent to zero modulo 3.
Again, both members of the congruence $x^3 - 2 \equiv x + 1 \pmod{3}$ have the
same values modulo 3 for all values of $x$, but the members are not
identically congruent modulo 3. In other words a congruence may be
satisfied by all integers and still not be an identical congruence according
to the above definition. Examples of such conditional congruences are

$$x^5 - x \equiv 0 \pmod{5}$$
$$x^3 + 3x^2 + 2x \equiv 0 \pmod{6}$$

Likewise,

$$2x \equiv 4 \pmod{6}$$

and

$$x^2 \equiv 2 \pmod{5}$$

are conditional congruences, the first one having two incongruent
solutions modulo 6, while the second has no solution whatever.
On the other hand,

$$x^2 - (x - 2)(x + 2) \equiv 0 \pmod{4}$$

and

$$6x^2 + x - 15 \equiv x + 3 \pmod{6}$$

are identical congruences.

* M. Bocher, "Introduction to Higher Algebra," Chap. 1, The Macmillan
Company, New York, 1931.

EXERCISES 

Determine  whether  the  following  congruences  are  identical  or  conditional,  and 
find  the  solutions  by  trial  if  there  are  any. 

1. $2x^2 + 3x \equiv 5 \pmod{7}$.

2. $x^4 + x^2 \equiv 0 \pmod{10}$.

3. $x^3 + x^2 \equiv x^3 - x^2 \pmod{2}$.

4. $2x^3 + 3x^2 + x \equiv 0 \pmod{6}$.

5. $x^2 - 4 \equiv 0 \pmod{5}$.

6. $x^4 - 1 \equiv (x - 1)(x - 2)(x - 3)(x - 4) \pmod{5}$.

5-2.  Equivalent  Congruences.  Having  performed  on  a  congruence  an 
operation  listed  among  the  properties  of  the  congruence  relation  (Sec. 
4-2),  if  a  second  one  of  these  operations  can  be  performed  on  the  result  so 
as  to  restore  the  original  congruence,  the  first  operation  is  said  to  be 
reversible.     The  following  operations  on  a  congruence  can  be  reversed: 

1.  Adding  to  or  subtracting  from  each  member  of  a  congruence  con- 
gruent integers  or  other  expressions  that  are  identically  congruent  for  the 
given  modulus. 

2.  Substituting  F(x)  for  f(x)  in  a  term  f(x)g(x)  of  a  congruence  if  F(x) 
is  identically  congruent  to  f(x)  for  the  given  modulus. 

3.  Multiplying  or,  when  possible,  dividing  the  coefficients  of  each 
member  of  a  congruence  by  an  integer  that  is  prime  to  the  modulus. 

4.  Multiplying  or,  when  possible,  dividing  the  coefficients  of  each 
member  of  a  congruence  as  well  as  the  modulus  by  the  same  integer. 

If any of these operations is performed a finite number of times on a
congruence $f_1(x_1, x_2, \ldots, x_n) \equiv f_2(x_1, x_2, \ldots, x_n) \pmod{m_1}$ and the
resulting congruence is $g_1(x_1, x_2, \ldots, x_n) \equiv g_2(x_1, x_2, \ldots, x_n) \pmod{m_2}$, then
the two congruences are said to be equivalent. For instance, when
$f(x) \equiv F(x) \pmod{m}$ identically, then $f(x)g(x) \equiv k(x) \pmod{m}$ is
equivalent to $F(x)g(x) + m[h(x)] \equiv k(x) \pmod{m}$.

Accordingly, any congruence

$$f_1(x_1, x_2, \ldots, x_n) \equiv f_2(x_1, x_2, \ldots, x_n) \pmod{m}$$

can be reduced to an equivalent congruence of the form $f(x_1, x_2, \ldots, x_n)
\equiv 0 \pmod{m}$. For example, the congruence $x^2 + 10 \equiv 7x \pmod{6}$ is
equivalent to each of the congruences $x^2 - x + 4 \equiv 0 \pmod{6}$, $5x^2 -
5x + 2 \equiv 0 \pmod{6}$, and $3x^2 - 3x + 12 \equiv 0 \pmod{18}$.

When a congruence has been written in the form $f(x_1, x_2, \ldots, x_n) \equiv
0 \pmod{m}$, the degree of the congruence is defined as the degree of the term
or terms of highest degree in $f(x_1, x_2, \ldots, x_n)$ whose coefficient or
coefficients are not congruent to zero for the modulus $m$. Thus

$$6x^3 + 10x^2 - 7x + 9 \equiv 0 \pmod{12}$$

is of degree three, although

$$12x^3 + 3x^2 - 5x + 7 \equiv 0 \pmod{12}$$

is of only the second degree and can be written

$$3x^2 - 5x + 7 \equiv 0 \pmod{12}$$

It is evident that when two conditional congruences are equivalent, any
integer that satisfies one of them necessarily satisfies the other. Take,
for instance, the congruence $x^2 \equiv 4 \pmod{5}$ that has the solutions $x \equiv
2 \pmod{5}$ and $x \equiv 3 \pmod{5}$. The congruence $5x^3 + 3x^2 \equiv 2 \pmod{5}$
has the same solutions, for the two are equivalent. Again, consider the
congruence $2x \equiv 4 \pmod{6}$. Every integer that satisfies this congruence
also satisfies the equivalent congruence $x \equiv 2 \pmod{3}$. The distinction
lies in the fact that all the integers that satisfy the latter congruence are
in the class of 2 for the modulus 3, but these integers are separated into
the classes of the residues 2 and 5 for the modulus 6. The first
congruence, therefore, has two incongruent solutions modulo 6, while the
second one has but one solution modulo 3.

It is not true, however, that two congruences that have the same
solutions for a given modulus are necessarily equivalent. Both $2x \equiv
4 \pmod{6}$ and $x^2 - x + 4 \equiv 0 \pmod{6}$ have the solutions $x \equiv 2 \pmod{6}$
and $x \equiv 5 \pmod{6}$, yet they are not equivalent.

A single conditional congruence may be equivalent to a set of
simultaneous congruences. When $f(x) \equiv 0 \pmod{m}$ and $m = m_1 m_2 \cdots m_r$,
where $(m_i, m_j) = 1$, with $i, j = 1, 2, \ldots, r$, and $i \neq j$, then the
congruence can be broken up into the set of congruences $f(x) \equiv 0 \pmod{m_i}$.
Conversely, if $(m_i, m_j) = 1$, the set of congruences $f(x) \equiv 0 \pmod{m_i}$ can
be combined to form $f(x) \equiv 0 \pmod{m}$. We shall say in this case that
$f(x) \equiv 0 \pmod{m}$ is equivalent to the set $f(x) \equiv 0 \pmod{m_i}$. For
example, $5x \equiv 1 \pmod{12}$ is equivalent to the set of two congruences
$5x \equiv 1 \pmod{3}$ and $5x \equiv 1 \pmod{4}$. It follows that if $x \equiv x_0 \pmod{12}$ is
a solution of the first congruence, then $x_0$ also satisfies the last two.
Conversely, any simultaneous solution of the set of two congruences implies
that the original congruence has the same solution, for the moduli 3 and 4
are relatively prime, and thus when $5x_0 - 1$ is divisible by both 3 and 4,
it is divisible by their product.

But when two congruences are themselves not equivalent, the existence
of a solution of either one of them may often be determined by showing
the existence of a solution of the other one. In that case we speak of the
problems of the existence of the solutions as being equivalent. Notice
that if the congruence $2x \equiv 3 \pmod{9}$ has a solution, then $2x \equiv 1 \pmod{3}$
has a solution, and conversely. This statement is valid, for any solution
$x \equiv x_0 \pmod{9}$ of the first congruence would have to be a multiple of 3,
and consequently each $x_0/3$ satisfies the second congruence. On the
other hand, the second congruence is satisfied by all integers in the class
of 2 modulo 3, and none of these integers is a multiple of 3. However,
where $x \equiv x' \pmod{3}$ is a solution of $2x \equiv 1 \pmod{3}$, $x \equiv 3x' \pmod{9}$ must
be a solution of $2x \equiv 3 \pmod{9}$. Thus the questions of the existence of
solutions of these congruences are mutually dependent.

Example. To determine whether or not the congruences $3x^2 - x +
7 \equiv 0 \pmod{15}$ and $9x^2 - 8x + 11 \equiv 0 \pmod{15}$ are equivalent, we try
to find a multiplier prime to the modulus that will change the leading
coefficient of the first congruence into the one we want. What value of
$y$ will satisfy $3y \equiv 9 \pmod{15}$? The solutions are 3, 8, and 13 modulo 15.
We reject 3 since it is not prime to 15. Multiplying each member of the
first congruence by 8, we have $24x^2 - 8x + 56 \equiv 0 \pmod{15}$, which
reduces to $9x^2 - 8x + 11 \equiv 0 \pmod{15}$. Thus the congruences are
equivalent.

EXERCISES 

1. Is $x^3 - 2 \equiv 0 \pmod{3}$ equivalent to $x^3 + 1 \equiv 0 \pmod{3}$?

2. Show that $2x^3 - x^2 + 2 \equiv 0 \pmod{5}$ is equivalent to $2x^3 + 4x^2 \equiv 3 \pmod{5}$.

3. Show that $x^2 - 2x + 1 \equiv 0 \pmod{3}$ is equivalent to $2x^2 - x + 2 \equiv 0 \pmod{3}$.

4. Show that $3x^2 - 6 \equiv 0 \pmod{15}$ is equivalent to $x^2 - 2 \equiv 0 \pmod{5}$.

5. Are $2x^2 + x - 4 \equiv 0 \pmod{5}$ and $x^2 + 3x - 2 \equiv 0 \pmod{5}$ equivalent?

6. Is the congruence $x^3 - 2 \equiv 0 \pmod{3}$ equivalent to the congruence $2x^3 - x
- 2 \equiv 0 \pmod{3}$? Are the solutions the same?

7. Develop two congruences equivalent to $x^2 - 9 \equiv 0 \pmod{12}$.

8. Are the congruences $x^3 - x \equiv 0 \pmod{3}$ and $x^4 + 2x^2 \equiv 0 \pmod{3}$ equivalent?
Are the solutions the same?

9. Note that $2x \equiv 8 \pmod{10}$ and $x^2 - 3x + 6 \equiv 0 \pmod{10}$ have the same
solutions. Are they equivalent?

5-3. Linear Congruences. Can the double of an integer give the
remainder 7 when it is divided by 52? Has $2x \equiv 7 \pmod{52}$ a solution?

Theorem 5-1. When $a$ is prime to $m$, the congruence $ax \equiv 1 \pmod{m}$
has one and only one solution modulo $m$ and this solution is prime to $m$.

The congruence $ax \equiv 1 \pmod{m}$ is equivalent to the equation $ax +
my = 1$, which we have shown always has a solution in integers when
$(a, m) = 1$. There can be but one solution modulo $m$, moreover, for if
both $x_1$ and $x_2$ satisfy $ax \equiv 1 \pmod{m}$,

$$ax_1 \equiv ax_2 \pmod{m}$$

and

$$x_1 \equiv x_2 \pmod{m}$$

Furthermore, when $ax_1 \equiv 1 \pmod{m}$, it is clear that $x_1$ is prime to $m$.

Theorem 5-2. When $a$ is prime to $m$, the congruence $ax \equiv b \pmod{m}$
has one and only one solution modulo $m$.

Now consider the congruence $ax \equiv b \pmod{m}$ with $(a, m) = 1$. We
know that $ax \equiv 1 \pmod{m}$ has a solution $x \equiv x_1 \pmod{m}$. Then

$$ax_1 b \equiv b \pmod{m}$$

shows that $x \equiv x_1 b \pmod{m}$ satisfies the original congruence.

Again, as proved above, there can be but one solution modulo $m$, but
notice that it is not necessarily prime to $m$.

Theorem 5-3. If $d$ is the greatest common divisor of $a$ and $m$, the
congruence $ax \equiv b \pmod{m}$ has a solution if and only if $d$ divides $b$.
When $d$ does divide $b$, there are exactly $d$ incongruent solutions modulo $m$.

Let $(a, m) = d$, $a = a_0 d$, and $m = m_0 d$. If $ax \equiv b \pmod{m}$ has a
solution, it is evident that $d$ divides $b$. On the other hand, if $d$ divides $b$, let
$b = cd$, and reduce the congruence to the equivalent congruence

$$a_0 x \equiv c \pmod{m_0}$$

In this case $(a_0, m_0) = 1$, and there is but one solution $x \equiv x_1 \pmod{m_0}$.
Consider this class of integers all of which are of the form $x_1 + km_0$ and
obviously satisfy the given congruence. We wish to know whether these
integers constitute one or more solutions modulo $m$; that is, we should
like to know for which values of $k$ these integers are in the same residue
class modulo $m$. We see that

$$x_1 + km_0 \equiv x_1 + sm_0 \pmod{m}$$

if and only if

$$m_0(k - s) \equiv 0 \pmod{m}$$

that is, if and only if $k - s \equiv 0 \pmod{d}$. Consequently, when $k$ ranges
from 0 through $d - 1$, the integers $x_1 + km_0$ represent exactly $d$ solutions
that are incongruent for the modulus $m$ and all solutions of the given
congruence lie in one of these $d$ classes modulo $m$.

Example. Solve: $15x \equiv 12 \pmod{36}$.

Since $(15, 36) = 3$ and $3 \mid 12$, we reduce the congruence to
$5x \equiv 4 \pmod{12}$ of which there is one solution $x \equiv 8 \pmod{12}$. Hence, the
solutions of the original congruence are $x \equiv 8, 20, 32 \pmod{36}$.
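The procedure in the proof of Theorem 5-3 can be carried out mechanically. The following Python sketch is an added illustration, not part of the original text; the function name `solve_linear_congruence` is an assumption of this example, and Python 3.8 or later is assumed for `pow(a, -1, m)`.

```python
from math import gcd


def solve_linear_congruence(a, b, m):
    """Return every incongruent solution x (0 <= x < m) of a*x ≡ b (mod m).

    Follows Theorem 5-3: with d = (a, m), there is a solution only when
    d divides b, and then there are exactly d solutions x1 + k*m0.
    """
    if m <= 0:
        raise ValueError("modulus must be positive")
    a %= m
    b %= m
    d = gcd(a, m)              # gcd(0, m) is m, so a ≡ 0 is handled too
    if b % d != 0:
        return []              # d does not divide b: no solution
    a0, c, m0 = a // d, b // d, m // d
    # (a0, m0) = 1, so a0*x ≡ 1 (mod m0) has exactly one solution (Theorem 5-2).
    x1 = (c * pow(a0, -1, m0)) % m0 if m0 > 1 else 0
    return [x1 + k * m0 for k in range(d)]


def brute_force(a, b, m):
    """Trial over a complete residue system, used only as a cross-check."""
    return [x for x in range(m) if (a * x - b) % m == 0]


if __name__ == "__main__":
    # The worked example above, then constructed inputs.
    for a, b, m in [(15, 12, 36), (6, 4, 9), (7, 1, 10), (0, 0, 4)]:
        sols = solve_linear_congruence(a, b, m)
        assert sols == brute_force(a, b, m)
        print(f"{a}x ≡ {b} (mod {m}): {len(sols)} solution(s) {sols}")
```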

EXERCISES 

State  with  reasons  the  number  of  distinct  solutions  of  the  following  congruences,  and 
find  the  solutions. 

1. $3x \equiv 5 \pmod{9}$.

2. $5x \equiv 3 \pmod{27}$.

3. $6x \equiv 3 \pmod{18}$.

4. $49x \equiv 23 \pmod{125}$.

5. $12x \equiv 36 \pmod{56}$.
5-4. Division of Polynomials. If $f_1(x)$ and $f_2(x)$ are integral
polynomials and if it is possible to divide $f_1(x)$ or $f_1(x) + m \cdot g(x)$, where $g(x)$ is
an integral polynomial, by $f_2(x)$, obtaining integral polynomials $q(x)$ and
$r(x)$ so that

$$f_1(x) \equiv f_2(x) q(x) + r(x) \pmod{m}$$

is an identical congruence, and if the division is continued until $r(x)$ is
either lower in degree than is $f_2(x)$ or is congruent to zero modulo $m$,
then $q(x)$ is said to be the quotient and $r(x)$ the remainder in the division
modulo $m$ of $f_1(x)$ by $f_2(x)$. When $r(x) \equiv 0 \pmod{m}$ identically, the
division is said to be exact and both $f_2(x)$ and $q(x)$ are factors modulo $m$
of $f_1(x)$ or divisors modulo $m$ of $f_1(x)$. Moreover, $f_1(x)$ is a multiple modulo
$m$ of $f_2(x)$.

Notice, for example, that if we divide $2x^2 - x - 3$ by $x - 3$ using
ordinary long division, we find that there is a remainder 12 which is, of
course, in the class of 0 for the modulus 6, and therefore we say that $x - 3$
is a divisor modulo 6 of $2x^2 - x - 3$.

As it stands, we cannot divide $x^2 - 1$ by $3x - 2$ modulo 6, for if
there were a quotient $ax + b$ that would make
$(3x - 2)(ax + b) + r \equiv x^2 - 1 \pmod{6}$ an identical congruence, then
$3a \equiv 1 \pmod{6}$. But there is no value of $a$ that will satisfy this congruence.

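On the other hand, the division of $4x^2 + 1$ by $2x - 5$ modulo 6 is
possible, but it is not exact, for

$$\begin{array}{r|l|l}
2x - 5 & 4x^2 + 1 & 2x + 2 \\
 & 4x^2 - 10x & \\ \cline{2-2}
 & 10x + 1 \equiv 4x + 1 \pmod{6} & \\
 & 4x - 10 & \\ \cline{2-2}
 & 11 \equiv 5 \pmod{6} &
\end{array}$$

Hence, $4x^2 + 1 \equiv (2x - 5)(2x + 2) + 5 \pmod{6}$.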

If we try to divide $4x^2 + x + 1$ by $2x - 5$ modulo 6, we find we cannot
carry out the division far enough to obtain a remainder of the required
form, for

$$\begin{array}{r|l|l}
2x - 5 & 4x^2 + x + 1 & 2x \\
 & 4x^2 - 10x & \\ \cline{2-2}
 & 11x + 1 \equiv 5x + 1 \pmod{6} &
\end{array}$$

But $2y \equiv 5 \pmod{6}$ has no solution, and the best we can do is to write the
identical congruence $4x^2 + x + 1 \equiv (2x - 5)(2x) + 5x + 1 \pmod{6}$.

However, if we change the form of the above divisor using $-4x - 5$
instead of $2x - 5$, we have

$$\begin{array}{r|l|l}
-4x - 5 & 4x^2 + x + 1 & -x + 1 \\
 & 4x^2 + 5x & \\ \cline{2-2}
 & -4x + 1 & \\
 & -4x - 5 & \\ \cline{2-2}
 & 6 \equiv 0 \pmod{6} &
\end{array}$$

Hence, $4x^2 + x + 1 \equiv (-4x - 5)(-x + 1) \pmod{6}$.

We could obtain a like result by first adding $6x^2$ to $4x^2 + x + 1$, for we
find that

$$\begin{array}{r|l|l}
2x - 5 & 10x^2 + x + 1 & 5x + 1 \\
 & 10x^2 - 25x & \\ \cline{2-2}
 & 26x + 1 \equiv 2x + 1 \pmod{6} & \\
 & 2x - 5 & \\ \cline{2-2}
 & 6 \equiv 0 \pmod{6} &
\end{array}$$

We, therefore, have $4x^2 + x + 1 \equiv (2x - 5)(5x + 1) \pmod{6}$.

Notice, furthermore, that when the modulus is 6, we can divide $3x^3 + 1$
by $3x^2 - 1$, getting three distinct quotients and three distinct remainders,
for

$$3x^3 + 1 \equiv (3x^2 - 1)(x) + x + 1 \pmod{6}$$

$$3x^3 + 1 \equiv (3x^2 - 1)(3x) + 3x + 1 \pmod{6}$$

and

$$3x^3 + 1 \equiv (3x^2 - 1)(5x) + 5x + 1 \pmod{6}$$

When the modulus is a prime and the polynomials are not constants, it
is easy to show that the division modulo $p$ of $f_1(x)$ by $f_2(x)$ can always be
accomplished, for any term present in either one of these polynomials has
a coefficient that is prime to the modulus and the congruence
$ay \equiv b \pmod{p}$ has exactly one solution when $(a, p) = 1$. The remainder $r(x)$
will, therefore, be congruent either to zero modulo $p$ or to an expression
that is at least one degree lower than the degree of the divisor. In this
case, moreover, both $q(x)$ and $r(x)$ are unique, for if

$$f_1(x) \equiv f_2(x) q_1(x) + r_1(x) \pmod{p}$$

and

$$f_1(x) \equiv f_2(x) q_2(x) + r_2(x) \pmod{p}$$

then

$$f_2(x)[q_1(x) - q_2(x)] \equiv r_2(x) - r_1(x) \pmod{p}$$

If $q_1(x) - q_2(x) \not\equiv 0 \pmod{p}$, let its leading coefficient be $b_0 \not\equiv 0 \pmod{p}$,
and let the leading coefficient of $f_2(x)$ be $a_0 \not\equiv 0 \pmod{p}$. Then the
leading coefficient of $f_2(x)[q_1(x) - q_2(x)]$ is $a_0 b_0 \not\equiv 0 \pmod{p}$, and the degree
of this expression is at least that of $f_2(x)$, thereby exceeding the degree of
$r_2(x) - r_1(x)$. This is impossible, and we infer that $q_1(x) \equiv q_2(x) \pmod{p}$
identically and likewise that $r_1(x) \equiv r_2(x) \pmod{p}$.
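The behaviour described in this section (division that stalls, or that yields several quotients, when the modulus is composite) can be reproduced by trying every solution of the linear congruence that arises at each step of long division. The Python sketch below is an added illustration, not part of the original text; polynomials are written as coefficient lists, highest degree first, and the names `trim`, `poly_divisions_mod` and `is_identity` are assumptions of this example.

```python
def trim(poly, m):
    """Reduce coefficients modulo m and drop leading zero coefficients."""
    poly = [c % m for c in poly]
    while poly and poly[0] == 0:
        poly.pop(0)
    return poly


def poly_divisions_mod(f1, f2, m):
    """Long division of f1 by f2 modulo m, following every admissible choice.

    At each step the next quotient coefficient y must satisfy
    (leading coeff of f2) * y ≡ (leading coeff of current remainder) (mod m).
    Returns (complete, stuck): complete holds (q, r) with r ≡ 0 or
    deg r < deg f2; stuck holds partial (q, r) where no y exists.
    """
    dividend, divisor = trim(f1, m), trim(f2, m)
    if not divisor:
        raise ValueError("divisor is congruent to zero modulo m")
    qlen = max(len(dividend) - len(divisor) + 1, 0)
    complete, stuck = [], []

    def step(rem, quot):
        if len(rem) < len(divisor):
            complete.append((trim(quot, m), rem))
            return
        shift = len(rem) - len(divisor)      # degree of the next quotient term
        choices = [y for y in range(m) if (divisor[0] * y - rem[0]) % m == 0]
        if not choices:
            stuck.append((trim(quot, m), rem))
            return
        for y in choices:
            new_rem = rem[:]
            for i, c in enumerate(divisor):  # subtract y * x^shift * f2
                new_rem[i] -= y * c
            new_quot = quot[:]
            new_quot[qlen - 1 - shift] = y
            step(trim(new_rem, m), new_quot)

    step(dividend, [0] * qlen)
    return complete, stuck


def is_identity(f1, f2, q, r, m):
    """Check f1 ≡ f2*q + r (mod m) coefficient by coefficient."""
    prod = [0] * (len(f2) + len(q) - 1) if f2 and q else []
    for i, a in enumerate(f2):
        for j, b in enumerate(q):
            prod[i + j] += a * b
    n = max(len(prod), len(r), len(f1))

    def pad(p):
        return [0] * (n - len(p)) + list(p)

    return all((x + y - z) % m == 0
               for x, y, z in zip(pad(prod), pad(r), pad(f1)))


if __name__ == "__main__":
    cases = [
        ("4x^2+1 by 2x-5 mod 6", [4, 0, 1], [2, -5], 6),
        ("4x^2+x+1 by 2x-5 mod 6", [4, 1, 1], [2, -5], 6),
        ("x^2-1 by 3x-2 mod 6", [1, 0, -1], [3, -2], 6),
        ("3x^3+1 by 3x^2-1 mod 6", [3, 0, 0, 1], [3, 0, -1], 6),
        ("4x^2+x+1 by 2x-5 mod 7", [4, 1, 1], [2, -5], 7),
    ]
    for label, f1, f2, m in cases:
        complete, stuck = poly_divisions_mod(f1, f2, m)
        assert all(is_identity(f1, f2, q, r, m) for q, r in complete + stuck)
        print(label, "| complete:", complete, "| stuck:", stuck)
```

With a prime modulus the list of complete results has exactly one entry and nothing is stuck, in line with the uniqueness argument above.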
EXERCISES

1. Explain why $x^2 + 3$ cannot be divided by $4x - 2$ modulo 8. Carry out the
division modulo 5.

2. Divide $x^2 - 2x + 5$ by $2x - 3$ modulo 7.

3. Divide $3x^2 - 2x + 4$ by $2x - 1$ modulo 15.

4. Divide $x^3 - 2x^2 + 5x - 1$ by $2x - 3$ modulo 11.

5. Divide $2x^2 - 2x + 5$ by $-2x - 3$ modulo 6, and then change the divisor to the
form $4x - 3$ and carry out the division modulo 6.

6. Divide $4x^3 - 3x^2 + 2x + 1$ by $3x - 1$ modulo 11.

7. If $f(x) = a_0 x^n + a_1 x^{n-1} + \cdots + a_n$ and $g(x) = b_0 x^t + b_1 x^{t-1} + \cdots + b_t$
are integral polynomials with $t < n$, and if $(b_0, m) = 1$, do polynomials $q(x)$ and $r(x)$
exist so that $f(x) \equiv g(x)q(x) + r(x) \pmod{m}$ with $r(x)$ lower in degree than $g(x)$?
If so, are these polynomials unique modulo $m$?

Theorem 5-4. If $x \equiv r \pmod{m}$ is a solution of the congruence
$f(x) \equiv 0 \pmod{m}$, where the polynomial $f(x) = a_0 x^n + a_1 x^{n-1} + \cdots + a_n$
with $a_0 \not\equiv 0 \pmod{m}$, then $x - r$ is a factor of $f(x)$ for the modulus $m$, and
conversely.

According to the remainder theorem of algebra, $f(r)$ is the remainder
when $f(x)$ is divided by $x - r$. Consequently,

$$f(x) = (x - r)q(x) + f(r)$$

or

$$f(x) - f(r) = (x - r)q(x)$$

identically, and $q(x)$ is a polynomial $b_0 x^{n-1} + b_1 x^{n-2} + \cdots + b_{n-1}$.
But $f(r)$ is an integer, and furthermore $f(r) \equiv 0 \pmod{m}$, for $r$ satisfies
the given congruence. Therefore, the coefficients of $f(x) - f(r)$ are
integers. Moreover, it is evident from a consideration of the process of
long division or from the following argument that the coefficients of $q(x)$
are integers. Because the leading coefficient of $f(x)$ is an integer, the
product $(x - r)q(x)$ shows that $b_0 = a_0$ is an integer. If $b_1$ were not an
integer, the coefficient $a_1 = b_1 - r b_0$, where $r b_0$ is an integer, would not
be an integer. In like manner the fact that $b_{i-1}$ and $b_i - r b_{i-1}$, where
$i = 1, 2, \ldots, n$, are integers implies that $b_i$ is also an integer. Thus
$q(x)$ is an integral polynomial. Hence,

$$f(x) - f(r) \equiv (x - r)q(x) \pmod{m}$$

and so

$$f(x) \equiv (x - r)q(x) \pmod{m}$$

identically, showing that $x - r$ is a factor of $f(x)$ for the modulus $m$.
Conversely, if

$$f(x) \equiv (x - r)q(x) \pmod{m}$$

then

$$f(r) \equiv 0 \pmod{m}$$

and $x \equiv r \pmod{m}$ is a solution of $f(x) \equiv 0 \pmod{m}$.
It is easy to show that when $x - r$ is a factor modulo $m$ of $f(x)$, the
quotient is unique.

5-5. The Number and Multiplicity of the Solutions of a Congruence.
We have shown that the congruence $2x - 4 \equiv 0 \pmod{6}$ has the solutions
$x \equiv 2 \pmod{6}$ and $x \equiv 5 \pmod{6}$. Therefore, Theorem 5-4 shows that
$x - 2$ and $x - 5$ are factors modulo 6 of $2x - 4$. Thus
$2x - 4 \equiv 2(x - 2) \pmod{6}$, and $2x - 4 \equiv 2(x - 5) \pmod{6}$. Notice, however,
that the product $(x - 2)(x - 5)$ is not a factor modulo 6 of $2x - 4$. On
the other hand, if the modulus is a prime, the proof of the following
theorem brings out the fact that when $r_1, r_2, \ldots, r_s$ are incongruent
integers modulo $p$ that satisfy $f(x) \equiv 0 \pmod{p}$, the product
$(x - r_1)(x - r_2) \cdots (x - r_s)$ is a factor modulo $p$ of $f(x)$.

The  eminent  mathematician  Lagrange  (1736-1813)  improved  the  work 
of  his  teacher  Euler  in  the  calculus  of  variations,  did  extensive  work  in  the 
solution  of  algebraic  equations,  and  expanded  the  theory  of  differential 
equations.  In  the  theory  of  numbers  he  was  the  first  to  prove  Wilson's 
theorem  and  the  first  to  prove  that  every  integer  is  a  sum  of  at  most  four 
squares.  He  gave  a  complete  proof  of  the  method  of  solving  the  equation 
$x^2 - by^2 = 1$ in integers. Again, he made important contributions to
the  theory  of  quadratic  residues  and  binary  quadratic  forms.  The  next 
theorem  is  credited  to  him  and  reflects  his  interest  in  the  solution  of 
equations  as  well  as  congruences. 

Theorem 5-5 (Lagrange's Theorem). If $p$ is a prime and $f(x)$ is an
integral polynomial $a_0 x^n + a_1 x^{n-1} + \cdots + a_n$ in which $a_0 \not\equiv 0 \pmod{p}$,
then the congruence $f(x) \equiv 0 \pmod{p}$ has at most $n$ incongruent solutions
modulo $p$.

We have observed that the congruence $f(x) \equiv 0 \pmod{p}$ need have no
solution, but if there is a solution $x \equiv r_1 \pmod{p}$, it follows from Theorem
5-4 that $x - r_1$ is a factor of $f(x)$ for the modulus $p$. If it should happen
that $(x - r_1)^{n_1}$, where $1 \le n_1 \le n$, is a factor modulo $p$ of $f(x)$ and if this
power is the highest power of $x - r_1$ contained as a factor in $f(x)$, then
$x \equiv r_1 \pmod{p}$ is said to be a solution of multiplicity $n_1$, and

$$f(x) \equiv (x - r_1)^{n_1} q_1(x) \pmod{p}$$

with $q_1(x)$ of degree $n - n_1$ and leading coefficient $b_0 \equiv a_0 \pmod{p}$.

If $n_1 < n$ and if the original congruence has another solution
$x \equiv r_2 \pmod{p}$ with $r_2$ incongruent to $r_1$ modulo $p$, then

$$f(r_2) \equiv (r_2 - r_1)^{n_1} q_1(r_2) \pmod{p}$$

But since $f(r_2) \equiv 0 \pmod{p}$ and $r_1 \not\equiv r_2 \pmod{p}$, it is evident that
$q_1(r_2) \equiv 0 \pmod{p}$ and, as above,

$$q_1(x) \equiv (x - r_2)^{n_2} q_2(x) \pmod{p}$$

so that

$$f(x) \equiv (x - r_1)^{n_1} (x - r_2)^{n_2} q_2(x) \pmod{p}$$

identically.

If $f(x) \equiv 0 \pmod{p}$ has one or more other distinct solutions for the
modulus $p$, we continue in this manner until either all the solutions which
are fewer than $n$ in number have been found or we have at most $n$ linear
factors modulo $p$ of $f(x)$. In the latter case we find the identical
congruence

$$f(x) \equiv a_0 (x - r_1)^{n_1} (x - r_2)^{n_2} \cdots (x - r_k)^{n_k} \pmod{p} \tag{1}$$

where $n_1 + n_2 + \cdots + n_k = n$, and hence there are $n$ solutions, for a
solution of multiplicity $n_i$, where $i = 1, 2, \ldots, k$, is counted $n_i$ times.
If we now substitute for $x$ in (1) any integer $s$ not congruent to any $r_i$,
where $i = 1, 2, \ldots, k$, for the modulus $p$, we find

$$f(s) \equiv a_0 (s - r_1)^{n_1} (s - r_2)^{n_2} \cdots (s - r_k)^{n_k} \pmod{p} \tag{2}$$

But $s - r_i \not\equiv 0 \pmod{p}$, and $a_0 \not\equiv 0 \pmod{p}$. Consequently,
$f(s) \not\equiv 0 \pmod{p}$, and $x \equiv s \pmod{p}$ is not a solution of $f(x) \equiv 0 \pmod{p}$.
Therefore, there can be no more than $n$ solutions.

It is easy to show, furthermore, that the solutions are the same
regardless of the order in which they are found.

Moreover, the multiplicity of each solution is unique regardless of the
order in which the factors are obtained, for if

$$f(x) \equiv (x - r_1)^u q_1(x) \equiv (x - r_1)^v q_2(x) \pmod{p}$$

where neither $q_1(x)$ nor $q_2(x)$ is divisible modulo $p$ by $x - r_1$, and if
$u > v$, we have the identical congruence

$$(x - r_1)^v [(x - r_1)^{u-v} q_1(x) - q_2(x)] \equiv 0 \pmod{p}$$

But if the leading coefficient of the expansion of $(x - r_1)^{u-v} q_1(x) - q_2(x)$
is not congruent to zero modulo $p$, the leading coefficient of the last
congruence written in the expanded form cannot be congruent to zero modulo
$p$. The congruence states, however, that when it is written in the form
$a_0 x^n + a_1 x^{n-1} + \cdots + a_n \equiv 0 \pmod{p}$, all its coefficients are multiples
of $p$. Consequently, the leading coefficient and, in like manner, each
of the other coefficients of the expansion of $(x - r_1)^{u-v} q_1(x) - q_2(x)$ are
congruent to zero modulo $p$. Therefore, we have the identical congruence

$$(x - r_1)^{u-v} q_1(x) \equiv q_2(x) \pmod{p}$$

Substituting $r_1$ for $x$, we find

$$(r_1 - r_1)^{u-v} q_1(r_1) \equiv q_2(r_1) \pmod{p}$$

As a result $q_2(r_1) \equiv 0 \pmod{p}$, and $x - r_1$ is a factor modulo $p$ of $q_2(x)$,
which is contrary to our assumption.

It is obvious, of course, that when $n > p$, the congruence
$f(x) \equiv 0 \pmod{p}$ can have no more than $p$ distinct solutions modulo $p$.

Again, let us observe that if we place no condition on the $a_0$ of
$f(x) \equiv 0 \pmod{p}$ and assume that the congruence has an $(n + 1)$st solution
$x \equiv s \pmod{p}$ that is distinct from each $r_i$, where $i = 1, 2, \ldots, k$, for
the modulus $p$, the congruence (2) requires that $a_0$ be congruent to zero
modulo $p$. Consequently, the identical congruence (1) implies that
every coefficient of $f(x)$ is congruent to zero modulo $p$. Hence, we
conclude:

Theorem 5-6. If the congruence $a_0 x^n + a_1 x^{n-1} + \cdots + a_n \equiv 0 \pmod{p}$,
with $p$ a prime, has more than $n$ solutions (a solution of
multiplicity $m$ being counted $m$ times), each $a_i$, where $i = 0, 1, \ldots, n$, is
congruent to zero modulo $p$ and the congruence is an identical congruence.

Example. Find by trial the solutions of $x^4 + x^2 - x + 2 \equiv 0 \pmod{5}$.

If $f(x) = x^4 + x^2 - x + 2$, $f(-1) = 5$. Hence, $x + 1$ is a factor of
$f(x)$ modulo 5. By using synthetic division we find
$f(x) \equiv (x + 1)(x^3 - x^2 + 2x - 3) \pmod{5}$. Let $f_1(x) = x^3 - x^2 + 2x - 3$. Then
$f_1(-3) = -45$, and therefore $f(x) \equiv (x + 1)(x + 3)(x^2 - 4x + 4) \pmod{5}$. It is
now evident that $f(x) \equiv (x + 1)(x + 3)(x - 2)^2 \pmod{5}$ and that
besides the solutions $x \equiv -1 \pmod{5}$, $x \equiv -3 \pmod{5}$, there is a double
solution $x \equiv 2 \pmod{5}$.

Theorem 5-7. If $p$ is a prime, the congruence $f(x) \equiv 0 \pmod{p}$ of
degree $n < p$ has a solution $x \equiv a \pmod{p}$ of multiplicity $r < n$ if and
only if $f(a) \equiv 0 \pmod{p}$, $f'(a) \equiv 0 \pmod{p}$, $\ldots$, $f^{(r-1)}(a) \equiv 0 \pmod{p}$,
and $f^{(r)}(a) \not\equiv 0 \pmod{p}$.

We recall that $x \equiv a \pmod{p}$ is a solution of multiplicity $r$ of
$f(x) \equiv 0 \pmod{p}$ if and only if $(x - a)^r$ is a factor modulo $p$ of the polynomial
$f(x)$, but $(x - a)^{r+1}$ is not a factor modulo $p$ of $f(x)$. Furthermore, we
notice that if we define the derivative with respect to $x$ of
$f(x) = a_0 x^n + a_1 x^{n-1} + \cdots + a_n$ as
$f'(x) = a_0 n x^{n-1} + a_1 (n - 1) x^{n-2} + \cdots + a_{n-1}$,
the application of Taylor's theorem to the polynomial $f(x)$ sets up the
identity

$$f(x) = f(a) + (x - a) f'(a) + (x - a)^2 \frac{f''(a)}{2!} + \cdots + (x - a)^n \frac{f^{(n)}(a)}{n!}$$

If $f(a) \equiv 0 \pmod{p}$, $f'(a) \equiv 0 \pmod{p}$, $\ldots$, and $f^{(r-1)}(a) \equiv 0 \pmod{p}$,
but $f^{(r)}(a) \not\equiv 0 \pmod{p}$ for $r < n$, then, the $f^{(i)}(a)/i!$ being integers, we
have

$$f(x) \equiv (x - a)^r \frac{f^{(r)}(a)}{r!} + \cdots + (x - a)^n \frac{f^{(n)}(a)}{n!} \pmod{p}$$

and

$$f(x) \equiv (x - a)^r Q(x) \pmod{p}$$
If $(x - a)^{r+1}$ were a factor modulo $p$ of $f(x)$, then

$$(x - a)^{r+1} q(x) \equiv (x - a)^r Q(x) \pmod{p}$$

and the identical congruence

$$(x - a)^r [(x - a) q(x) - Q(x)] \equiv 0 \pmod{p}$$

implies that

$$(x - a) q(x) \equiv Q(x) \pmod{p}$$

Hence, $[f^{(r)}(a)/r!] + \cdots + (x - a)^{n-r} [f^{(n)}(a)/n!]$ has the factor
$x - a$ modulo $p$, and so $f^{(r)}(a) \equiv 0 \pmod{p}$, which is contrary to the hypothesis.
To prove the converse of the theorem, first call to mind the rule for
differentiating a product of two functions, and remember that when a
polynomial has been factored into two polynomials, this rule enables us
to set up an identity between two forms of $f'(x)$, for if

$$f(x) = a_0 x^n + a_1 x^{n-1} + \cdots + a_n = (b_0 x^r + \cdots + b_r)(c_0 x^s + \cdots + c_s)$$

then

$$f'(x) = a_0 n x^{n-1} + a_1 (n - 1) x^{n-2} + \cdots + a_{n-1} = (b_0 x^r + \cdots + b_r)(c_0 s x^{s-1} + \cdots + c_{s-1}) + (b_0 r x^{r-1} + \cdots + b_{r-1})(c_0 x^s + \cdots + c_s)$$

On this basis the method of induction shows that it is valid to apply
Leibnitz's rule for the $k$th derivative of a product to this case. If $u$ and
$v$ are polynomials in $x$, we may, therefore, write

$$\frac{d^k(uv)}{dx^k} = v \frac{d^k u}{dx^k} + k \frac{dv}{dx} \frac{d^{k-1} u}{dx^{k-1}} + \frac{k(k - 1)}{2!} \frac{d^2 v}{dx^2} \frac{d^{k-2} u}{dx^{k-2}} + \cdots + u \frac{d^k v}{dx^k}$$

Consequently, if $f(x) \equiv (x - a)^r q(x) \pmod{p}$, then the formula verifies
the statement that $f^{(k)}(a) \equiv 0 \pmod{p}$ for $k < r$, because clearly each
$d^s (x - a)^r / dx^s$ has a factor $x - a$ when $s < r$. But $(x - a)^{r+1}$ is not a
factor modulo $p$ of $f(x)$, and so we infer from $q(a) \not\equiv 0 \pmod{p}$ and

$$\frac{d^r[(x - a)^r q(x)]}{dx^r} = (x - a)^r q^{(r)}(x) + \cdots + r(r!)(x - a) q'(x) + (r!) q(x)$$

that $f^{(r)}(a) \not\equiv 0 \pmod{p}$.

To make it plain that the restriction which Theorem 5-7 places on the
degree of $f(x) \equiv 0 \pmod{p}$ is a necessary one, consider the congruence
$x^{10} - x^5 \equiv 0 \pmod{5}$. Its only solutions are $x \equiv 0 \pmod{5}$ of
multiplicity 5 and the simple solution $x \equiv 1 \pmod{5}$. Nevertheless, $f^{(k)}(0)$
and $f^{(k)}(1)$ are congruent to 0 modulo 5 for all positive values of $k$.

When we are solving a congruence by trial, it is often helpful to make
use of the following two theorems to eliminate some of the possible
solutions:
*Theorem 5-8. If $r$ satisfies the congruence
$a_0 x^n + a_1 x^{n-1} + \cdots + a_n \equiv 0 \pmod{m}$, then $r$ is a factor modulo $m$ of $a_n$.

Since $r$ is a solution of the congruence,
$a_0 x^n + a_1 x^{n-1} + \cdots + a_n \equiv (x - r)Q(x) \pmod{m}$, where
$Q(x) \equiv b_0 x^{n-1} + \cdots + b_{n-1} \pmod{m}$ and
$b_0 \equiv a_0 \pmod{m}$. Hence, $a_n \equiv -r b_{n-1} \pmod{m}$, and thus $r$ is a factor
modulo $m$ of $a_n$.

*Theorem 5-9. If $r$ satisfies the congruence $f(x) \equiv 0 \pmod{m}$, then
$r - a$ divides $f(a)$ modulo $m$.

The hypothesis implies that $f(x) \equiv (x - r)Q(x) \pmod{m}$.
Substituting $a$ for $x$, we derive $f(a) \equiv (a - r)Q(a) \pmod{m}$.

Example. Solve $f(x) = x^3 - 4x^2 - 11x + 6 \equiv 0 \pmod{12}$ by trial.

Applying Theorem 5-8, the possible solutions are obtained by
considering the congruences $rx \equiv 6 \pmod{12}$ for $r = 1, 2, \ldots, 11$. The values
$r = 4$ and $8$ are immediately ruled out, for the corresponding linear
congruences have no solution.

Then we find that $f(1) = -8$, and we apply Theorem 5-9. The
values $r = 7$ and $10$ are thereby eliminated, for there is no $y$ such that
$(r - 1)y \equiv -8 \pmod{12}$. The possible solutions are, therefore,
narrowed to 2, 3, 5, 6, 9, and 11 modulo 12, and the substitution of these
values in $f(x)$ shows that each one is a solution of the given congruence.

5-6. The Chinese Remainder Theorem. The problem of finding an
integer that yields certain remainders upon being divided by given
integers was familiar to the Chinese as early as the first century. The
solution is now easily effected by using congruences. When the integers
$m_1, m_2, \ldots, m_n$ are relatively prime in pairs, we wish to find an integer
$x$ such that

$$\begin{aligned}
x &\equiv a_1 \pmod{m_1} \\
x &\equiv a_2 \pmod{m_2} \\
&\;\;\vdots \\
x &\equiv a_n \pmod{m_n}
\end{aligned} \tag{3}$$

Let $M = \prod_{i=1}^{n} m_i$ and $M_i = M/m_i$, where $i = 1, 2, \ldots, n$. Then set up
the $n$ congruences

$$M_i x \equiv 1 \pmod{m_i} \tag{4}$$

In each case $(M_i, m_i) = 1$, and there is exactly one solution $x \equiv x_i \pmod{m_i}$
of each congruence (4). Now consider

$$X \equiv M_1 x_1 a_1 + M_2 x_2 a_2 + \cdots + M_n x_n a_n \pmod{M}$$

and substitute $X$ for $x$ in $x \equiv a_1 \pmod{m_1}$. Since $M$ and each $M_i$ except
$M_1$ are congruent to 0, and $M_1 x_1$ is congruent to 1 for the modulus $m_1$,
every integer of the form $X + kM$ satisfies $x \equiv a_1 \pmod{m_1}$. In like
manner the integers in the residue class of $X$ modulo $M$ satisfy all the
given congruences.

But this class of integers is the only simultaneous solution of the set of
congruences, for if there were a second solution $X_1$, the substitution of $X$
and $X_1$ in the given congruences (3) shows that

$$X \equiv X_1 \pmod{m_i}$$

and since the $m_i$ are relatively prime in pairs,

$$X \equiv X_1 \pmod{M}$$

Hence, we have shown that:

Theorem 5-10. If the $m_i$, where $i = 1, 2, \ldots, n$, are relatively
prime in pairs, the congruences $x \equiv a_i \pmod{m_i}$ have one and only one
simultaneous solution modulo $M = \prod_{i=1}^{n} m_i$.
Example. Find all integers that give the remainders 2, 6, 5 when
divided by 5, 7, and 11, respectively.

$M = 385$, $M_1 = 77$, $M_2 = 55$, $M_3 = 35$

$77x \equiv 1 \pmod{5}$ or $2x \equiv 1 \pmod{5}$ has the solution $x \equiv 3 \pmod{5}$

$55x \equiv 1 \pmod{7}$ or $6x \equiv 1 \pmod{7}$ has the solution $x \equiv 6 \pmod{7}$

$35x \equiv 1 \pmod{11}$ or $2x \equiv 1 \pmod{11}$ has the solution $x \equiv 6 \pmod{11}$

Hence, $X \equiv (77)(3)(2) + (55)(6)(6) + (35)(6)(5) \pmod{385}$, or
$X \equiv 27 \pmod{385}$.

5-7. Other Simultaneous Linear Congruences. We shall demonstrate
a method for finding a solution, when it exists, of certain linear
simultaneous congruences whose moduli are not relatively prime in pairs by
proving the following theorem by induction:

Theorem 5-11. The set of $n$ linear congruences $x \equiv a_i \pmod{m_i}$ has
a solution if and only if the greatest common divisor of any pair of moduli,
$m_i$, $m_j$, $i$ and $j$ having the values $1, 2, \ldots, n$, with $i \ne j$, divides the
corresponding $a_i - a_j$. When the integer $X_0$ satisfies each congruence
of the set,† all common solutions take the form $X_0 + Lt$, where $L$ is the
least common multiple of the $m_i$ and $t$ is any integer.

† Oystein Ore gave the general form of the solution in Am. Math. Monthly, Vol. 59,
No. 6, pp. 365-370, 1952.

Taking the two congruences

$$\begin{aligned}
x &\equiv a_1 \pmod{m_1} \\
x &\equiv a_2 \pmod{m_2}
\end{aligned} \tag{5}$$

with $d_{12} = (m_1, m_2)$, let us suppose that $x_0$ satisfies both of them. Then
since

$$\begin{aligned}
x_0 &\equiv a_1 \pmod{m_1} \\
x_0 &\equiv a_2 \pmod{m_2}
\end{aligned}$$

we infer that

$$\begin{aligned}
x_0 &\equiv a_1 \pmod{d_{12}} \\
x_0 &\equiv a_2 \pmod{d_{12}}
\end{aligned}$$

and that

$$a_1 \equiv a_2 \pmod{d_{12}}$$

Conversely, if $d_{12}$ divides $a_1 - a_2$, we can show that there is a solution
of the first congruence that satisfies the second one. Every solution of
the first congruence is of the form $a_1 + m_1 y$, and if any of these integers
satisfy the second congruence, the values of $y$ are determined by the
congruence

$$a_1 + m_1 y \equiv a_2 \pmod{m_2}$$

or

$$m_1 y \equiv a_2 - a_1 \pmod{m_2}$$

But since $d_{12} \mid (a_2 - a_1)$, there is at least one value $y_0$ of $y$ that produces
a simultaneous solution $a_1 + m_1 y_0$ of the two congruences.

Moreover, if there are two integers $x_0$ and $x_1$ that satisfy the given
congruences (5), substituting them in these congruences shows that

$$\begin{aligned}
x_1 &\equiv x_0 \pmod{m_1} \\
x_1 &\equiv x_0 \pmod{m_2}
\end{aligned}$$

and hence that

$$x_1 \equiv x_0 \pmod{L}$$

where $L$ is the least common multiple of $m_1$ and $m_2$. Furthermore, any
integer of the form $x_0 + Lt$ is a common solution of the congruences if $x_0$
is, for $Lt$ is congruent to 0 for both the moduli $m_1$ and $m_2$.

Suppose now that the theorem is true for a set of $k - 1$ congruences of
the given form. Then if there is a common solution $X_0$, all and only
simultaneous solutions of the set are of the form $X_0 + L_{k-1} t$, where $L_{k-1}$
is the least common multiple of $m_1, m_2, \ldots, m_{k-1}$, and $t$ is the parameter.

If $X$ is a solution of a set of $k$ congruences of the required form,
certainly $X$ satisfies the first $k - 1$ congruences, and thus it is true that
$d_{ij} = d_{ji} = (m_i, m_j)$ divides $a_i - a_j$ for $i, j = 1, 2, \ldots, k - 1$, and
$i \ne j$. But

$$X \equiv a_i \pmod{m_i} \qquad i = 1, 2, \ldots, k - 1$$

and

$$X \equiv a_k \pmod{m_k}$$

Hence,

$$\begin{aligned}
X &\equiv a_i \pmod{d_{ik}} \\
X &\equiv a_k \pmod{d_{ik}}
\end{aligned}$$

and therefore

$$a_i \equiv a_k \pmod{d_{ik}}$$

Consequently, $d_{ij}$ divides $a_i - a_j$ for $i, j = 1, 2, \ldots, k$, where $i \ne j$.

Conversely, if $d_{ij}$ divides $a_i - a_j$ for $i, j = 1, 2, \ldots, k$, common
solutions of the first $k - 1$ congruences exist and have the form
$X_0 + L_{k-1} t$, where $X_0$ is a simultaneous solution. It is, moreover, possible to
determine a value for the parameter $t$ so that this expression will produce
a solution of $x \equiv a_k \pmod{m_k}$. To prove this statement, consider the
congruence

$$X_0 + L_{k-1} t \equiv a_k \pmod{m_k}$$

in the form

$$L_{k-1} t \equiv a_k - X_0 \pmod{m_k}$$

We can show that this congruence has a solution $t \equiv t_0 \pmod{m_k}$ by
proving that the greatest common divisor of $L_{k-1}$ and $m_k$ divides $a_k - X_0$.

If $p$ is a prime factor of any of the $m_i$, let $m_i'$ be the exponent of the
highest power of that prime contained in $m_i$. The highest power of this
$p$ in $L_{k-1}$ is the highest power of $p$ that is in any one of $m_1, m_2, \ldots, m_{k-1}$.
Suppose it is $p^{m_r'}$, the power of $p$ that occurs in $m_r$, where
$1 \le r \le k - 1$. Then the exponent of the highest power of the prime $p$ that is
contained in $D = (m_k, L_{k-1})$ is the smaller of $m_k'$ and $m_r'$. Let this integer
be $m_s'$. But

$$X_0 - a_r \equiv 0 \pmod{m_r}$$

and hence

$$X_0 - a_r \equiv 0 \pmod{p^{m_r'}}$$

Since $a_k - a_r$ is divisible by the greatest common divisor of $m_k$ and $m_r$, it
is divisible by that power of $p$ determined by the smaller of the two
exponents $m_k'$ and $m_r'$, that is, by $m_s'$. But from the above congruences
$X_0 - a_r$ is divisible by the power of $p$ designated by the smaller of the
exponents $m_k'$ and $m_r'$. Hence,

$$X_0 - a_r \equiv 0 \pmod{p^{m_s'}}$$

and

$$a_k - a_r \equiv 0 \pmod{p^{m_s'}}$$

Therefore,

$$X_0 - a_k \equiv 0 \pmod{p^{m_s'}}$$

Furthermore, since this congruence is true for any prime factor of
$D = (m_k, L_{k-1})$, the integer $X_0 - a_k$ is divisible by the product of the very
powers of the primes that are contained in $D$; that is, $X_0 - a_k$ is divisible
by $D$. Thus there is a value of $t$ that forces a solution of the first $k - 1$
congruences to satisfy the $k$th one, $x \equiv a_k \pmod{m_k}$.

Again, any two solutions of the set of $k$ congruences $x \equiv a_i \pmod{m_i}$
must be congruent modulo the least common multiple of $m_1, m_2, \ldots, m_k$,
for two solutions $X_0$ and $X_1$ are such that

$$\begin{aligned}
X_0 &\equiv X_1 \pmod{L_{k-1}} \\
X_0 &\equiv X_1 \pmod{m_k}
\end{aligned}$$

and hence

$$X_0 \equiv X_1 \pmod{L_k}$$

where $L_k$ is the least common multiple of $L_{k-1}$ and $m_k$ and hence of
$m_1, m_2, \ldots, m_k$. Moreover, all integers of the form $X_0 + L_k t$ satisfy each
congruence of the given set if $X_0$ is a common solution.
Example. Solve:

$$\begin{aligned}
x &\equiv 7 \pmod{18} \\
x &\equiv 10 \pmod{15} \\
x &\equiv 1 \pmod{14}
\end{aligned}$$

Let $d_1 = (18, 15) = 3$, $d_2 = (18, 14) = 2$, $d_3 = (15, 14) = 1$. It is
evident that $d_1 \mid (7 - 10)$, $d_2 \mid (7 - 1)$, $d_3 \mid (10 - 1)$. Therefore, a
solution exists.

Substituting $7 + 18t$ in the second congruence, we find

$$18t \equiv 3 \pmod{15}$$

so that

$$t \equiv 1 \pmod{15}$$

Since 90 is the least common multiple of 18 and 15, we substitute
$7 + 18 + 90s$ in the third congruence and have

$$90s \equiv -24 \pmod{14}$$

and therefore

$$s \equiv 3 \pmod{14}$$

Hence, the common solution is $X \equiv 295 \pmod{630}$.
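The induction in the proof of Theorem 5-11 is itself an algorithm: merge the congruences one at a time, each merge solving $m_1 y \equiv a_2 - a_1 \pmod{m_2}$. The Python sketch below is an added illustration, not part of the original text; the names `merge_pair`, `solve_system` and `pairwise_compatible` are assumptions of this example, and the last two systems in the demonstration are constructed inputs.

```python
from itertools import combinations
from math import gcd


def merge_pair(a1, m1, a2, m2):
    """Combine x ≡ a1 (mod m1) and x ≡ a2 (mod m2).

    Returns (X0, L) with L = lcm(m1, m2) so that the common solutions are
    X0 + L*t, or None when (m1, m2) does not divide a2 - a1.
    """
    d = gcd(m1, m2)
    if (a2 - a1) % d != 0:
        return None
    # Every solution of the first congruence is a1 + m1*y; y must satisfy
    # m1*y ≡ a2 - a1 (mod m2). Divide through by d to get a unique y mod m2/d.
    m1r, m2r = m1 // d, m2 // d
    y0 = ((a2 - a1) // d * pow(m1r, -1, m2r)) % m2r if m2r > 1 else 0
    lcm = m1 * m2r
    return (a1 + m1 * y0) % lcm, lcm


def solve_system(congruences):
    """Solve x ≡ a_i (mod m_i) for a list of (a_i, m_i); moduli need not be coprime."""
    x0, lcm = 0, 1                       # every integer satisfies x ≡ 0 (mod 1)
    for a, m in congruences:
        merged = merge_pair(x0, lcm, a % m, m)
        if merged is None:
            return None
        x0, lcm = merged
    return x0, lcm


def pairwise_compatible(congruences):
    """The existence criterion of Theorem 5-11: (m_i, m_j) divides a_i - a_j."""
    return all((ai - aj) % gcd(mi, mj) == 0
               for (ai, mi), (aj, mj) in combinations(congruences, 2))


if __name__ == "__main__":
    systems = [
        [(7, 18), (10, 15), (1, 14)],    # worked example of Section 5-7
        [(2, 5), (6, 7), (5, 11)],       # worked example of Section 5-6
        [(1, 4), (0, 3), (3, 6)],        # constructed: compatible, overlapping moduli
        [(1, 4), (0, 3), (2, 6)],        # constructed: 2 = (4, 6) does not divide 1 - 2
    ]
    for system in systems:
        result = solve_system(system)
        # The solver succeeds exactly when the pairwise criterion holds.
        assert (result is not None) == pairwise_compatible(system)
        if result is not None:
            x0, lcm = result
            assert all((x0 - a) % m == 0 for a, m in system)
        print(system, "->", result)
```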


EXERCISES 

1. Find by trial all the solutions of $3x^4 - 3x^3 - 2x^2 + 3x + 6 \equiv 0 \pmod{7}$.

2.  Find  the  solutions  of  x«  +  10x5  +  4.x4  -  x3  +  x  +  6  =  0(mod  11). 

3. Decide whether or not the following congruences have multiple solutions.

a. $x^3 + x^2 + 3 \equiv 0 \pmod{5}$

b. $2x^3 + 1 \equiv 0 \pmod{3}$

4. Find the common solutions of the following sets of congruences.

a. $x \equiv 2 \pmod{11}$

$x \equiv 4 \pmod{15}$

$x \equiv 9 \pmod{14}$

b. $x \equiv 11 \pmod{21}$

$x \equiv 2 \pmod{12}$

$x \equiv 4 \pmod{10}$

c. $x \equiv 12 \pmod{46}$

$x \equiv 1 \pmod{31}$

$x \equiv 16 \pmod{28}$

5. Find a multiple of 7 that has the remainders 1, 2, 3, 4, and 5 when it is divided,
respectively, by 2, 3, 4, 5, and 6.

5-8. The Number of Solutions of the Congruence $f(x) \equiv 0 \pmod{m}$.
If the $p_i$, where $i = 1, 2, \ldots, r$, are distinct primes and
$m = p_1^{n_1} p_2^{n_2} \cdots p_r^{n_r}$, there is a solution of the congruence

$$f(x) \equiv 0 \pmod{m} \tag{6}$$

where $f(x)$ is an integral polynomial, if and only if there is a simultaneous
solution of the equivalent set of congruences

$$\begin{aligned}
f(x) &\equiv 0 \pmod{p_1^{n_1}} \\
f(x) &\equiv 0 \pmod{p_2^{n_2}} \\
&\;\;\vdots \\
f(x) &\equiv 0 \pmod{p_r^{n_r}}
\end{aligned} \tag{7}$$

But if there is a solution of each of the individual congruences of (7), we
can build up a simultaneous solution of the set by means of the Chinese
remainder theorem. Suppose that integers $x_i$ satisfy $f(x) \equiv 0 \pmod{p_i^{n_i}}$,
where $i = 1, 2, \ldots, r$. Then find the common solution of the
congruences

$$x \equiv x_i \pmod{p_i^{n_i}} \tag{8}$$

Let this solution be $x \equiv X_1 \pmod{m}$. The integer $X_1$ satisfies both the
set (7) and the original congruence (6) because for each $i$

$$X_1 \equiv x_i \pmod{p_i^{n_i}}$$

and therefore

$$f(X_1) \equiv f(x_i) \pmod{p_i^{n_i}}$$

But

$$f(x_i) \equiv 0 \pmod{p_i^{n_i}}$$

so that

$$f(X_1) \equiv 0 \pmod{p_i^{n_i}}$$

and

$$f(X_1) \equiv 0 \pmod{m}$$
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If  in  the  set  of  congruences  (8)  we  replace  the  solution  of  just  one  of  the 
congruences  of  (7),  say  the  first  one,  by  a  solution  x[  distinct  from  X\ 
modulo  pini,  the  solution  x  =  X2(mod  m)  of  the  resulting  set, 

x  =  xi(mod  pini) 

x  =  ^(mod  pfi)         j  =  2,  3,   .   .   .  ,  r 

will  be  distinct  modulo  m  from  the  solution  Xi  of  (8),  for  if  the  solutions 
were  the  same, 

Xi  =  X2(mod  m) 

would  imply  that 

Xi  =  X2(mod  pini)         i  =  1,  2,  .  .  .  ,  r 
Then 

xi  =  xJ(mod  pini) 

whereas  we  assumed  that  these  integers  are  incongruent  solutions  of 
fix)  =  0(mod  pini).  Hence,  if  each  congruence  of  (7)  has  kt  solutions,  by 
inserting  them  in  (8),  we  see  that  there  are  kik2  •  ■  •  kr  solutions  modulo 
m  of  f(x)  =  0(mod  m). 

It is evident too that if one congruence of (7) fails to have a solution, there is no solution of $f(x) \equiv 0 \pmod{m}$. Thus we have shown that:

Theorem 5-12. If the congruences $f(x) \equiv 0 \pmod{p_i^{n_i}}$, where $i = 1, 2, \ldots, r$, have $k_i > 0$ solutions, respectively, there are exactly $\prod_{i=1}^{r} k_i$ incongruent solutions modulo $m$ of $f(x) \equiv 0 \pmod{m}$, where $m = \prod_{i=1}^{r} p_i^{n_i}$ and the $p_i$ are distinct primes.

We have, therefore, reduced the problem of solving a congruence $f(x) \equiv 0 \pmod{m}$ to that of solving a congruence whose modulus is a power of a prime.

5-9. The Solution of $f(x) \equiv 0 \pmod{p^s}$. Any integer that satisfies $f(x) \equiv 0 \pmod{p^s}$, where $p$ is a prime and $f(x)$ is an integral polynomial, evidently satisfies the congruence

$$f(x) \equiv 0 \pmod{p^{s-1}}$$

The converse, however, is not true, but it is obvious that if the second congruence fails to have a solution, $f(x) \equiv 0 \pmod{p^s}$ can have no solution. Suppose that $f(x) \equiv 0 \pmod{p^{s-1}}$ has a solution $x \equiv x' \pmod{p^{s-1}}$. Under what conditions will one of these integers, $x' + kp^{s-1}$, be a solution of $f(x) \equiv 0 \pmod{p^s}$? We must determine which values of $k$, if any, will satisfy the congruence

$$f(x' + kp^{s-1}) \equiv 0 \pmod{p^s}$$

When $f(x) = a_0x^n + a_1x^{n-1} + \cdots + a_n$ is a rational integral function of $x$, we have defined the derivative of $f(x)$ with respect to $x$ as $a_0nx^{n-1} + a_1(n-1)x^{n-2} + \cdots + a_{n-1}$. The expansion of $f(x + h)$ according to Taylor's theorem is finite and is of necessity valid for integral values of $x$. Consequently,

$$f(x' + kp^{s-1}) \equiv f(x') + kp^{s-1}f'(x') + k^2p^{2s-2}\frac{f''(x')}{2!} + \cdots + k^np^{ns-n}\frac{f^{(n)}(x')}{n!} \pmod{p^s}$$

is an identical congruence, the expressions $f^{(r)}(x')/r!$ having been shown to be integers. Moreover, if $s \ge 2$, then $p^{rs-r} \ge p^s$ for $r \ge 2$ and hence all except the first two terms of the expansion are congruent to 0 for the modulus $p^s$, so that

$$f(x' + kp^{s-1}) \equiv f(x') + kp^{s-1}f'(x') \pmod{p^s}$$

But if $x' + kp^{s-1}$ is to satisfy $f(x) \equiv 0 \pmod{p^s}$, this congruence shows that $f(x') + kp^{s-1}f'(x')$ must be divisible by $p^s$, and therefore $k$ must be chosen to satisfy the congruence $f(x') + kp^{s-1}f'(x') \equiv 0 \pmod{p^s}$. We know that $f(x') = tp^{s-1}$, and therefore the last congruence can be reduced to the congruence $t + kf'(x') \equiv 0 \pmod{p}$.

When the greatest common divisor of $f'(x')$ and $p$ is 1, the congruence $kf'(x') \equiv -t \pmod{p}$ has exactly one solution $k \equiv k_1 \pmod{p}$. This value of $k$ yields exactly one solution $x \equiv x' + k_1p^{s-1} \pmod{p^s}$ of $f(x) \equiv 0 \pmod{p^s}$.

When the greatest common divisor of $f'(x')$ and $p$ is $p$, and $p$ does not divide $t$, the solution $x \equiv x' \pmod{p^{s-1}}$ of $f(x) \equiv 0 \pmod{p^{s-1}}$ does not yield a solution of $f(x) \equiv 0 \pmod{p^s}$. But if $p$ does divide $t$, $f(x')$ is a multiple of $p^s$, and when $k$ has the values $0, 1, \ldots, p - 1$, each of the $p$ integers $x' + kp^{s-1}$ is a distinct solution modulo $p^s$ of $f(x) \equiv 0 \pmod{p^s}$. We have therefore proved:

Theorem 5-13. If $f(x) = a_0x^n + a_1x^{n-1} + \cdots + a_n$ and $x'$ satisfies the congruence $f(x) \equiv 0 \pmod{p^{s-1}}$ and (1) if $(f'(x'), p) = 1$, there is exactly one value of $k$ such that $x \equiv x' + kp^{s-1} \pmod{p^s}$ is a solution of $f(x) \equiv 0 \pmod{p^s}$, but (2) if $(f'(x'), p) = p$, no solution of $f(x) \equiv 0 \pmod{p^s}$ can be derived from $x'$ unless $x'$ itself satisfies $f(x) \equiv 0 \pmod{p^s}$, in which case $x' + kp^{s-1}$ yields exactly $p$ incongruent solutions modulo $p^s$ by letting $k$ have all the values in a complete residue system modulo $p$.

According to this theorem, to solve $f(x) \equiv 0 \pmod{p^s}$, we first solve $f(x) \equiv 0 \pmod{p}$ and then determine by means of linear congruences modulo $p$ the solutions, if there are any, of $f(x) \equiv 0 \pmod{p^2}$, $f(x) \equiv 0 \pmod{p^3}$, ....

Example. To solve $2x^2 - 3x - 1 \equiv 0 \pmod{19^2}$, first take $f(x) = 2x^2 - 3x - 1 \equiv 0 \pmod{19}$ and find the solutions $x \equiv 4, 7 \pmod{19}$. Since $f(4) = 19$, $t = 1$. Also $f'(x) = 4x - 3$, and therefore $f'(4) = 13$. Hence, we must solve $1 + 13k \equiv 0 \pmod{19}$. But $k \equiv -3 \pmod{19}$, so that $x \equiv 4 - (3)(19) \equiv 308 \pmod{19^2}$ is a solution of the original congruence.

Let the student show that $x \equiv 235 \pmod{19^2}$ is the solution derived from $x \equiv 7 \pmod{19}$.

After showing that $x \equiv 3 \pmod{4}$ is the solution of $f(x) \equiv 0 \pmod{4}$, apply the Chinese remainder theorem to find the solutions of $f(x) \equiv 0 \pmod{2^2 \cdot 19^2}$.
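The lifting rule of Theorem 5-13 and the combination step of Sec. 5-8, as an added Python example that is not part of the original text. The function names are this example's own, coefficient lists run from a_0 (highest power) down to a_n, and the modulus is assumed to be supplied already factored as {prime: exponent}.

```python
from itertools import product

def f_eval(coeffs, x, m):
    """Value of f(x) mod m by Horner's rule; coeffs = [a_0, ..., a_n], highest power first."""
    acc = 0
    for a in coeffs:
        acc = (acc * x + a) % m
    return acc

def derivative(coeffs):
    """Coefficients of f'(x): a_0*n, a_1*(n-1), ..., a_{n-1}."""
    n = len(coeffs) - 1
    return [a * (n - i) for i, a in enumerate(coeffs[:-1])]

def solve_prime_power(coeffs, p, s):
    """All incongruent solutions of f(x) = 0 (mod p^s), p prime, s >= 1."""
    d_coeffs = derivative(coeffs)
    roots = [x for x in range(p) if f_eval(coeffs, x, p) == 0]   # exhaustive search mod p
    q = p                                       # modulus already solved, p^(s-1)
    for _ in range(s - 1):
        lifted = []
        for x in roots:
            t = f_eval(coeffs, x, q * p) // q   # f(x') = t * p^(s-1), with t taken mod p
            d = f_eval(d_coeffs, x, p)          # f'(x') mod p
            if d != 0:
                # Case (1): t + k f'(x') = 0 (mod p) has exactly one solution k.
                k = (-t * pow(d, -1, p)) % p
                lifted.append(x + k * q)
            elif t == 0:
                # Case (2) with p | t: every k = 0, 1, ..., p-1 gives a solution.
                lifted.extend(x + k * q for k in range(p))
            # Case (2) with p not dividing t: x' yields no solution.
        roots, q = lifted, q * p
    return sorted(roots)

def crt(residues, moduli):
    """The x mod prod(moduli) with x = residues[i] (mod moduli[i]); moduli coprime in pairs."""
    x, m = 0, 1
    for r, n in zip(residues, moduli):
        k = ((r - x) * pow(m, -1, n)) % n
        x, m = x + m * k, m * n
    return x % m

def solve_congruence(coeffs, factorization):
    """Solutions of f(x) = 0 (mod m), with m given as {prime: exponent}."""
    moduli = [p ** s for p, s in factorization.items()]
    per_modulus = [solve_prime_power(coeffs, p, s) for p, s in factorization.items()]
    # One system (8) per choice of a root for each prime power: k_1 k_2 ... k_r solutions,
    # and none at all as soon as one prime power has no root.
    return sorted(crt(choice, moduli) for choice in product(*per_modulus))

if __name__ == "__main__":
    f = [2, -3, -1]                             # the text's f(x) = 2x^2 - 3x - 1
    print(solve_prime_power(f, 19, 2))
    print(solve_prime_power(f, 2, 2))
    print(solve_congruence(f, {2: 2, 19: 2}))
```

`pow(d, -1, p)` needs Python 3.8 or later.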


EXERCISES 


Solve  the  following  congruences. 


1. $3x^2 - 2x + 3 \equiv 0 \pmod{72}$.  2. $4x^3 + 7x^2 + 16x - 2 \equiv 0 \pmod{45}$.

3. $6x^2 + 17x - 20 \equiv 0 \pmod{500}$.  4. $x^3 - 19x^2 + 32x + 34 \equiv 0 \pmod{75}$.

5. $2x^3 - x^2 + 20x + 4 \equiv 0 \pmod{1089}$.  6. $5x^2 - 24x - 9 \equiv 0 \pmod{1350}$.

7.  xs  -  a:2  -  2a;  -  2  =  0(mod  2000).  8.  2a:3  +  a:2  -  6a:  -  13  =  0(mod  340). 

9.  x3  -2x2  -8x  -  Q  =  0(mod  357).  10.  a;3  -  5a:2  -  12s  +  6  =  0(mod  1700). 


CHAPTER  6 

THE  THEOREMS  OF  FERMAT  AND  WILSON  AND  THE 
MOBIUS  FUNCTION 


6-1. Fermat's Theorem. Pierre de Fermat (1601-1665) was a profound scholar who was not especially attracted to mathematics until a translation of the work of Diophantus excited his interest. Once having embarked on the study of mathematics, he influenced its development in all the branches known at the time. With Pascal he originated basic ideas in the theory of probability, and independent of Descartes he developed the analytical geometry. He also helped to lay the foundations for the calculus. But he is renowned for his work in the theory of numbers. Unfortunately he failed to publish the many theorems he discovered about the integers, and when he announced his results in letters to other mathematicians, he usually concealed his methods of proof.

The Chinese knew as early as 500 B.C. that $2^p - 2$ is divisible by $p$ if $p$ is a prime, but it remained for Fermat in 1640 to state that if $p$ is a prime and $(a, p) = 1$, then $a^{p-1} \equiv 1 \pmod{p}$. We do not have his demonstration of this fact, but by 1761 both this theorem and the more general one stated below had been proved by Euler.

The Chinese also believed that if $n$ is not a prime, $2^n - 2$ is not divisible by $n$. Even Leibnitz (1646-1716) thought this statement to be true. Not until the latter part of the eighteenth century did mathematicians show signs of resolving the problem. The conjecture was finally disproved in 1819 when Sarrus found that 341, which is not a prime, is a factor of $2^{341} - 2$.* Since then it has been shown that there is an infinite number of composites $n$ that will divide $2^n - 2$.

*L. E. Dickson, "History of the Theory of Numbers," Vol. 1, p. 92. D. H. Lehmer, Am. Math. Monthly, Vol. 43, No. 6, p. 347, 1936.

Theorem 6-1. If the integer $a$ is prime to $m$, $a^{\phi(m)} \equiv 1 \pmod{m}$.

We showed in Chap. 4 that when $(a, m) = 1$ and $r_1, r_2, \ldots, r_{\phi(m)}$ is a reduced residue system modulo $m$, the set $ar_1, ar_2, \ldots, ar_{\phi(m)}$ is also a reduced residue system modulo $m$. The integers in the second set are, therefore, in some order congruent to those in the first set. Hence,

$$\begin{aligned} ar_1 &\equiv r_{i_1} \pmod{m} \\ ar_2 &\equiv r_{i_2} \pmod{m} \\ &\;\;\vdots \\ ar_{\phi(m)} &\equiv r_{i_{\phi(m)}} \pmod{m} \end{aligned}$$

Therefore,

$$a^{\phi(m)} r_1 r_2 \cdots r_{\phi(m)} \equiv r_1 r_2 \cdots r_{\phi(m)} \pmod{m}$$

and

$$a^{\phi(m)} \equiv 1 \pmod{m}$$

Corollary 1. If $p$ is a prime and $a$ is prime to $p$, $a^{p-1} \equiv 1 \pmod{p}$.
Corollary 2. If $p$ is a prime and $a$ is any integer, $a^p \equiv a \pmod{p}$.
Examples. $5^6 \equiv 1 \pmod{7}$; $2^{48} \equiv 1 \pmod{105}$.

EXERCISES 

1. Find the remainder when $7^{48}$ is divided by 180; when $11^{50}$ is divided by 180.

2.  What  do  you  notice  about  the  least  positive  residues  of  the  powers  of  3  modulo 
7?     Is  the  same  fact  true  of  the  powers  of  2  modulo  7? 

3. Find the remainder when $2^{100}$ is divided by 11 and when $2^{105}$ is divided by 11.

4.  Show  that  nn  —  1  is  divisible  by  7  when  n  is  prime  to  7. 

5. Find the solutions of the congruence $x^4 - 1 \equiv 0 \pmod{12}$.

6. Prove that $n^{37} - n$ is divisible by the product of the primes 2, 3, 5, 7, 13, and 37 for any positive $n$.

7.  Prove  that  an  —  bls  is  divisible  by  133  if  a  and  b  are  prime  to  133. 

8.  Can  you  find  integers  all  of  whose  digits  are  9  that  are  divisible  by  7?  By  other 
primes? 

6-2. Applications of Fermat's Theorem

Theorem 6-2. The solution of $ax \equiv b \pmod{m}$, where $(a, m) = 1$, is $x \equiv ba^{\phi(m)-1} \pmod{m}$.

According to Fermat's theorem

$$a^{\phi(m)} \equiv 1 \pmod{m}$$

Hence,

$$a^{\phi(m)}b \equiv b \pmod{m}$$

and therefore $x \equiv ba^{\phi(m)-1} \pmod{m}$ is the solution of $ax \equiv b \pmod{m}$.

Theorem 6-3. If $f(x)g(x) \equiv x^{p-1} - 1 \pmod{p}$, where $p$ is a prime greater than 2, each of the congruences $f(x) \equiv 0 \pmod{p}$ and $g(x) \equiv 0 \pmod{p}$ has the maximum number of incongruent solutions modulo $p$ permitted by its degree.

Fermat's theorem shows that the congruence

$$x^{p-1} - 1 \equiv 0 \pmod{p} \tag{1}$$

has exactly $p - 1$ distinct solutions modulo $p$. When $p > 2$, if we factor $x^{p-1} - 1$ modulo $p$ into $f(x)$ and $g(x)$ of degrees $r$ and $p - 1 - r$, respectively, the congruence

$$f(x) \equiv 0 \pmod{p} \tag{2}$$

has no more than $r$ distinct solutions, and

$$g(x) \equiv 0 \pmod{p} \tag{3}$$

has at most $p - 1 - r$ incongruent solutions modulo $p$. But since $f(x)g(x) \equiv 0 \pmod{p}$ has exactly $p - 1$ distinct solutions, neither of the congruences (2) and (3) can have fewer than its maximum number of incongruent solutions modulo $p$.

For example, if $p > 2$,

$$x^{p-1} - 1 = (x - 1)(x^{p-2} + x^{p-3} + \cdots + 1)$$

Hence, the congruence

$$x^{p-2} + x^{p-3} + \cdots + 1 \equiv 0 \pmod{p}$$

has exactly $p - 2$ incongruent solutions modulo $p$ and they are $2, 3, \ldots, p - 1$.

Corollary 1. If $p$ is a prime greater than 2, each of the congruences $x^{(p-1)/2} - 1 \equiv 0 \pmod{p}$ and $x^{(p-1)/2} + 1 \equiv 0 \pmod{p}$ has exactly $(p - 1)/2$ solutions that are incongruent modulo $p$.

For $p > 2$,

$$x^{p-1} - 1 = (x^{(p-1)/2} - 1)(x^{(p-1)/2} + 1)$$

and therefore each of the congruences $x^{(p-1)/2} - 1 \equiv 0 \pmod{p}$, and $x^{(p-1)/2} + 1 \equiv 0 \pmod{p}$ has exactly $(p - 1)/2$ solutions that are distinct modulo $p$. Furthermore, since

$$(p - a)^{(p-1)/2} \equiv (-a)^{(p-1)/2} \pmod{p}$$

if $p$ is of the form $4k + 1$ and $(p, a) = 1$, both $a$ and $p - a$ satisfy the same congruence, but if $p$ is of the form $4k - 1$, $a$ satisfies one of the congruences while $p - a$ satisfies the other.

Corollary 2. If $p$ is a prime greater than 2 and $d$ divides $p - 1$, the congruence $x^d - 1 \equiv 0 \pmod{p}$ has exactly $d$ solutions that are incongruent modulo $p$.

EXERCISES 

1.  Write  the  solution  of  Sx  =  20 (mod  35),  and  reduce  it  to  a  least  positive  residue 
modulo  35. 

2.  Find  the  solutions  of  x8  +  1  =  0(mod  17)  and  x8  —  1  =  0(mod  17),  and  also  of 
x*  +  1  =  0(mod  19)  and  x»  -  1  =  0(mod  19). 

3. How many solutions has the congruence $x^3 - 1 \equiv 0 \pmod{13}$? Find them.

4. Prove that the congruence $x^2 + 1 \equiv 0 \pmod{p}$ in which $p$ is a prime of the form $4n + 1$ has two distinct solutions modulo $p$.

*Theorem 6-4. Corresponding to any conditional congruence $f(x) = a_0x^n + a_1x^{n-1} + \cdots + a_n \equiv 0 \pmod{p}$, where $p$ is a prime, $a_0 \not\equiv 0 \pmod{p}$, $n > p$, and $f(x)$ is not a multiple of $x^p - x$ modulo $p$, there is a congruence that is lower than $p$ in degree and has the same distinct solutions modulo $p$ as the original congruence.

Using Fermat's theorem, we showed that

$$x^p - x \equiv 0 \pmod{p}$$

has all $p$ distinct solutions permitted by the modulus. Moreover, if we divide $f(x)$ by $x^p - x$ until we have a remainder whose degree is less than $p$, we observe that both the quotient $Q(x)$ and the remainder $R(x)$ are integral polynomials and that

$$f(x) \equiv (x^p - x)Q(x) + R(x) \pmod{p}$$

is an identical congruence. Consequently, every distinct solution of $f(x) \equiv 0 \pmod{p}$ must satisfy

$$R(x) \equiv 0 \pmod{p}$$

and conversely.

Example. $2x^4 - x^2 - 1 \equiv 2x(x^3 - x) + x^2 - 1 \pmod{3}$, and therefore the congruence $x^2 - 1 \equiv 0 \pmod{3}$ has the same distinct solutions $x \equiv 1 \pmod{3}$ and $x \equiv 2 \pmod{3}$ as the congruence $2x^4 - x^2 - 1 \equiv 0 \pmod{3}$. Although these integers are simple solutions of the second congruence, they are double solutions of $2x^4 - x^2 - 1 \equiv 0 \pmod{3}$.

Notice that if $f(x) \equiv 0 \pmod{p}$ has $p$ distinct solutions modulo $p$, $R(x) \equiv 0 \pmod{p}$ is an identical congruence, for it is lower than $p$ in degree and yet has $p$ incongruent solutions modulo $p$. Hence, $f(x)$ is a multiple of $x^p - x$ modulo $p$. Conversely, if $f(x)$ is a multiple of $x^p - x$ modulo $p$, $f(x) \equiv 0 \pmod{p}$ has $p$ distinct solutions modulo $p$. Thus we have:

Corollary. The congruence $f(x) \equiv 0 \pmod{p}$ with $p$ a prime has $p$ distinct solutions modulo $p$ if and only if $f(x)$ is a multiple of $x^p - x$ modulo $p$.

*Theorem 6-5. The congruence $f(x) = a_0x^n + a_1x^{n-1} + \cdots + a_n \equiv 0 \pmod{p}$ with $a_0 \not\equiv 0 \pmod{p}$ and $p$ a prime is equivalent to a congruence $b_0x^n + b_1x^{n-1} + \cdots + b_n \equiv 0 \pmod{p}$ in which $b_0 \equiv 1 \pmod{p}$.

Let $x_0$ satisfy the congruence

$$a_0x \equiv 1 \pmod{p}$$

and multiply $f(x)$ by $x_0$ so that

$$x_0a_0x^n + x_0a_1x^{n-1} + \cdots + x_0a_n \equiv x^n + b_1x^{n-1} + \cdots + b_n \pmod{p}$$

Obviously, $x_0f(x) \equiv 0 \pmod{p}$ is equivalent to $f(x) \equiv 0 \pmod{p}$, for $(x_0, p) = 1$.

Theorem 6-6. The congruence $f(x) = a_0x^n + a_1x^{n-1} + \cdots + a_n \equiv 0 \pmod{p}$ with $p$ a prime, $a_0 \not\equiv 0 \pmod{p}$, and $n < p$ has exactly $n$ distinct solutions modulo $p$ if and only if the remainder $R(x)$ obtained upon dividing $x^p - x$ by $f(x)$ modulo $p$ is identically congruent to zero for the modulus $p$.

Dividing $x^p - x$ by $f(x)$ modulo $p$, suppose that we find the identical congruence

$$x^p - x \equiv f(x)Q(x) + R(x) \pmod{p}$$

in which $R(x)$ is an integral polynomial of degree less than $n$. But then every solution of $f(x) \equiv 0 \pmod{p}$ must satisfy $R(x) \equiv 0 \pmod{p}$. Consequently, if $f(x) \equiv 0 \pmod{p}$ has $n$ distinct solutions modulo $p$, $R(x)$ is identically congruent to zero modulo $p$.

If, conversely, $R(x)$ is identically congruent to zero for the modulus $p$, the congruence

$$x^p - x \equiv f(x)Q(x) \pmod{p}$$

is identical and from Theorem 6-3 we infer that $f(x) \equiv 0 \pmod{p}$ has exactly $n$ distinct solutions modulo $p$.

6-3. Wilson's Theorem

Theorem 6-7. If $p$ is a positive prime, $(p - 1)! + 1 \equiv 0 \pmod{p}$.

Since the integers $1, 2, \ldots, p - 1$ of a reduced residue system modulo $p$ constitute the solutions of the congruence $x^{p-1} \equiv 1 \pmod{p}$, there are exactly $p - 1$ linear factors modulo $p$ of $x^{p-1} - 1$. Hence,

$$x^{p-1} - 1 \equiv (x - 1)(x - 2) \cdots (x - p + 1) \pmod{p}$$

is an identical congruence. It is, therefore, satisfied by $x \equiv 0 \pmod{p}$ with the result that

$$-1 \equiv (-1)^{p-1}(p - 1)! \pmod{p}$$

If $p$ is odd, it follows that $(p - 1)! + 1 \equiv 0 \pmod{p}$, and if $p = 2$, it is evident that the theorem holds.

Corollary. If $p$ is a positive prime and $r = 1, 2, \ldots, p - 2$, the sum of all possible products of distinct integers selected $r$ at a time from the set $1, 2, \ldots, p - 1$ is a multiple of $p$.

Because $x^{p-1} - 1$ is identically congruent to $(x - 1)(x - 2) \cdots (x - p + 1)$ modulo $p$, the coefficients of like powers of $x$ in these two polynomials are in the same residue class modulo $p$. Therefore, the coefficients of all the positive powers of $x$ occurring in the product with the exception of the coefficient of $x^{p-1}$ are congruent to 0 modulo $p$. But when $p > 2$, except for its sign, the coefficient of $x^{p-2}$ in this product is the sum $1 + 2 + \cdots + p - 1$; the coefficient of $x^{p-3}$ is the sum of products of integers selected two at a time in all possible ways without repetition from $1, 2, \ldots, p - 1$. Likewise, except for sign, the coefficient of $x^{p-r-1}$, for $r = 1, 2, \ldots, p - 2$, is the sum of products of integers selected $r$ at a time from the same set. All these sums are, therefore, multiples of $p$. Equating the absolute terms would, of course, give Wilson's theorem.

Theorem 6-8. If $(n - 1)! + 1 \equiv 0 \pmod{n}$, then $n$ is a prime.

Suppose that $n > 1$ is a composite and that

$$(n - 1)! + 1 \equiv 0 \pmod{n}$$

Then $n = n_1n_2$, where $1 < n_1, n_2 < n$, and consequently both $n_1$ and $n_2$ are factors of $(n - 1)!$. But neither of these integers can divide 1. Hence, $n$ is a prime.

Theoretically  Wilson's  theorem  and  its  converse  afford  a  test  for  a 
prime,  but  when  n  is  large,  the  amount  of  calculating  involved  is  so  great 
that  the  test  is  entirely  impracticable. 
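The two tests this chapter discusses, side by side, as an added Python example that is not part of the original text (function names are this example's own). Wilson's criterion is exact but needs about n modular multiplications, while the condition that n divide 2^n - 2 from Sec. 6-1 is a single modular exponentiation that some composites, 341 among them, also satisfy.

```python
def wilson_is_prime(n):
    """Exact test from Theorems 6-7 and 6-8: n > 1 is prime iff (n-1)! + 1 = 0 (mod n)."""
    if n < 2:
        return False
    fact = 1
    for k in range(2, n):            # n - 2 modular multiplications: work grows with n itself
        fact = fact * k % n
        if fact == 0:                # the factors of n have all been absorbed: composite
            return False
    return (fact + 1) % n == 0

def divides_2n_minus_2(n):
    """The condition 'n divides 2^n - 2': necessary for a prime n, not sufficient."""
    return (pow(2, n, n) - 2) % n == 0

def composites_dividing_2n_minus_2(limit):
    """Composites n < limit that divide 2^n - 2, with Wilson's test as the exact reference."""
    return [n for n in range(2, limit)
            if divides_2n_minus_2(n) and not wilson_is_prime(n)]

if __name__ == "__main__":
    print(wilson_is_prime(23), wilson_is_prime(341), divides_2n_minus_2(341))
    print(composites_dividing_2n_minus_2(2000))
```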

EXERCISES 

1.  Use  Wilson's  theorem  to  show  that  23  is  a  prime. 

2. Show that, for $p > 5$, $(p - 1)! + 1$ has a prime factor different from the prime $p$.

3. If $p$ is a prime of the form $4n + 1$, prove that $(2n)!$ is a solution of the congruence $x^2 \equiv -1 \pmod{p}$.

4. If $p$ is a prime of the form $4n - 1$, show that $(2n - 1)!$ is a solution of the congruence $x^2 \equiv 1 \pmod{p}$.

5. If $p$ is a prime, prove that each of the coefficients of the expansion of $(1 - x)^{p-1}$ is one greater than some multiple of $p$.

6. If $r_1, r_2, \ldots, r_p$ and $k_1, k_2, \ldots, k_p$ are both complete residue systems for the modulus $p$, a prime, can $r_1k_1, r_2k_2, \ldots, r_pk_p$ form a complete residue system modulo $p$?

7. Show that if $r_1, r_2, \ldots, r_{p-1}$ is any reduced residue system modulo $p$, a prime, $\prod_{i=1}^{p-1} r_i \equiv -1 \pmod{p}$.

8. If $r_1, r_2, \ldots, r_{p-1}$ is a reduced residue system modulo $p$, an odd prime, then $p$ divides any integral rational symmetric function of the $r_i$, where $i = 1, 2, \ldots, p - 1$, whose degree is less than $p - 1$.

9. Develop another proof of Wilson's theorem by making use of the solutions of $x^2 \equiv 1 \pmod{p}$ and $ax \equiv 1 \pmod{p}$, where $(a, p) = 1$ and $p$ is an odd prime. Notice that of the integers $1, 2, 3, \ldots, p - 1$ only 1 and $p - 1$ satisfy the first congruence and that when $a$ is selected from the set $2, 3, \ldots, p - 2$, there is a solution of the second congruence that is in this very set and is distinct from $a$.

6-4. The Möbius Function. If the $p_i$, where $i = 1, 2, \ldots, r$, are distinct positive primes and if $m = \pm p_1^{n_1}p_2^{n_2} \cdots p_r^{n_r}$, we say that $\mu(m) = 0$ if any exponent $n_i > 1$; that $\mu(m) = (-1)^r$ if each $n_i = 1$; and that $\mu(m) = 1$ if each $n_i = 0$, which means that $\mu(\pm 1) = 1$. When it is so defined, $\mu(m)$ is called the Möbius function.

*Theorem 6-9. The function $\mu(m)$ is multiplicative.

Take $(a, b) = 1$, and let $a = \pm p_1^{n_1}p_2^{n_2} \cdots p_r^{n_r}$, $b = \pm q_1^{s_1}q_2^{s_2} \cdots q_t^{s_t}$, where the factorizations are into powers of distinct positive primes.

If any $n_i$, where $i = 1, 2, \ldots, r$, or $s_j$, where $j = 1, 2, \ldots, t$, is greater than 1, $\mu(a)\mu(b) = 0$. But then $\mu(ab) = 0$.

If all $n_i$ and $s_j$ are 1, then $\mu(a) = (-1)^r$ and $\mu(b) = (-1)^t$, so that $\mu(a)\mu(b) = (-1)^{r+t}$. But $\mu(ab) = (-1)^{r+t}$.

If either $a = \pm 1$, or $a = \pm 1$ and $b = \pm 1$, then $\mu(ab) = \mu(a)\mu(b)$.

*Theorem 6-10. $\sum_{d \mid m} \mu(d)$ is 0 or 1 according as $|m|$ is greater than or equal to 1.

If $m = 1$, $\sum_{d \mid 1} \mu(d) = \mu(1) = 1$.

If $m = \pm p_1^{n_1}p_2^{n_2} \cdots p_r^{n_r}$, since $\mu(d) = 0$ for any divisor $d$ of $m$ that has a factor $p_i^2$, where $i = 1, 2, \ldots, r$, we need consider only the divisors of $p_1p_2 \cdots p_r$. But these divisors are found by combining factors chosen in all possible ways from these $r$ primes. Thus we find

$$\begin{aligned} {}_rC_0 &= \mu(1) \\ {}_rC_1(-1) &= \sum \mu(p_i) \\ {}_rC_2(-1)^2 &= \sum \mu(p_ip_j) \\ &\;\;\vdots \\ {}_rC_r(-1)^r &= \mu(p_1p_2 \cdots p_r) \end{aligned}$$

But ${}_rC_0 + {}_rC_1(-1) + {}_rC_2(-1)^2 + \cdots + {}_rC_r(-1)^r = (1 - 1)^r = 0$, and hence $\mu(d_1) + \mu(d_2) + \cdots + \mu(d_s) = 0$, where $d_1, d_2, \ldots, d_s$ are the positive divisors of $m$.


*Theorem 6-11. If $m$ is a positive integer, $\sum_{n=1}^{m} \mu(n)\left[\frac{m}{n}\right] = 1$.

The preceding theorem shows that

$$\sum_{d_1 \mid 1} \mu(d_1) + \sum_{d_2 \mid 2} \mu(d_2) + \cdots + \sum_{d_m \mid m} \mu(d_m) = 1$$

But 1 will be a divisor of each integer of the set $1, 2, \ldots, m$, so that $\mu(1)$ will occur $m$ times in the above sum; 2 will be a divisor of $\left[\frac{m}{2}\right]$ of the integers, so that $\mu(2)$ will occur $\left[\frac{m}{2}\right]$ times. Generally, $d$ will be a divisor of $\left[\frac{m}{d}\right]$ of the integers from 1 through $m$, and therefore $\mu(d)$ will occur $\left[\frac{m}{d}\right]$ times in the sum. Hence,

m 


n  =  l       d\n 

and 


m 


n  =  l 

*Theorem 6-12 (The Möbius Inversion Formula). If, for $m > 0$, $f(m)$ is an arithmetic function and if an arithmetic function $g(m)$ is so defined that

$$g(m) = \sum_{d \mid m} f(d)$$

then

$$f(m) = \sum_{d \mid m} \mu(d)\, g\!\left(\frac{m}{d}\right) \tag{4}$$

We shall build up the right-hand member of the equation (4) to be proved by first observing that as $d$ ranges through all the positive divisors of $m$, the integer $m/d$ does likewise. According to the hypothesis, it follows that for each positive divisor $m/d$ of $m$

$$g\!\left(\frac{m}{d}\right) = \sum_{a \mid m/d} f(a)$$

and

$$\mu(d)\, g\!\left(\frac{m}{d}\right) = \mu(d) \sum_{a \mid m/d} f(a)$$

Hence,

$$\sum_{d \mid m} \mu(d)\, g\!\left(\frac{m}{d}\right) = \sum_{d \mid m} \mu(d) \sum_{a \mid m/d} f(a) = \sum_{d \mid m} \sum_{a \mid m/d} \mu(d) f(a)$$

Reversing the order of summation, we have

$$\sum_{d \mid m} \mu(d)\, g\!\left(\frac{m}{d}\right) = \sum_{a \mid m/d} \sum_{d \mid m} \mu(d) f(a)$$

But to say that $a$ ranges through the positive divisors of $m/d$ while $d$ takes on the values of the positive divisors of $m$ is the same as saying that $a$ ranges through the positive divisors of $m$ while $d$ is a positive divisor of $m/a$. Consequently,

$$\sum_{d \mid m} \mu(d)\, g\!\left(\frac{m}{d}\right) = \sum_{a \mid m} \sum_{d \mid m/a} \mu(d) f(a) = \sum_{a \mid m} f(a) \sum_{d \mid m/a} \mu(d)$$

But $\sum_{d \mid m/a} \mu(d) = 0$ unless $a = m$, so that

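6-5. An Application of the Möbius Inversion Formula. We have shown that if $m > 0$, $m = \sum_{d \mid m} \phi(d)$. Consequently,

$$\phi(m) = \sum_{d \mid m} \mu(d)\, \frac{m}{d} = m \sum_{d \mid m} \frac{\mu(d)}{d}$$

Thus if $m = 1$, then $\phi(m) = 1$, but if $m = p_1^{n_1}p_2^{n_2} \cdots p_r^{n_r}$, then

$$\phi(m) = m\left(1 - \frac{1}{p_1} - \cdots - \frac{1}{p_r} + \frac{1}{p_1p_2} + \cdots + \frac{1}{p_{r-1}p_r} - \frac{1}{p_1p_2p_3} - \cdots + (-1)^r \frac{1}{p_1p_2 \cdots p_r}\right)$$

and

$$\phi(m) = m\left(1 - \frac{1}{p_1}\right)\left(1 - \frac{1}{p_2}\right) \cdots \left(1 - \frac{1}{p_r}\right)$$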
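A numerical check of Theorems 6-10 to 6-12 and of the formula for φ(m) just derived, as an added Python example that is not part of the original text (function names are this example's own). The Möbius values come from a sieve rather than from factoring each m, and φ(m) obtained by inversion from g(m) = m is compared with a direct count of the integers prime to m.

```python
from math import gcd

def mobius_table(limit):
    """mu(0..limit) by a sieve: one sign change per prime factor, zero on multiples of p^2."""
    mu = [1] * (limit + 1)
    mu[0] = 0                                   # mu is not defined at 0; slot kept for indexing
    is_prime = [True] * (limit + 1)
    for p in range(2, limit + 1):
        if is_prime[p]:
            for k in range(p, limit + 1, p):
                if k > p:
                    is_prime[k] = False
                mu[k] = -mu[k]
            for k in range(p * p, limit + 1, p * p):
                mu[k] = 0
    return mu

def divisors(m):
    return [d for d in range(1, m + 1) if m % d == 0]

def sum_mu_over_divisors(m, mu):
    """Theorem 6-10: 1 for m = 1, 0 for m > 1."""
    return sum(mu[d] for d in divisors(m))

def sum_mu_times_floor(m, mu):
    """Theorem 6-11: the sum of mu(n) * [m/n] for n = 1..m."""
    return sum(mu[n] * (m // n) for n in range(1, m + 1))

def mobius_invert(g, m, mu):
    """Theorem 6-12: recover f(m) from g(m) = sum of f(d) over d | m."""
    return sum(mu[d] * g(m // d) for d in divisors(m))

def phi_by_inversion(m, mu):
    """Sec. 6-5: since m = sum of phi(d) over d | m, invert g(m) = m."""
    return mobius_invert(lambda n: n, m, mu)

def phi_by_counting(m):
    return sum(1 for k in range(1, m + 1) if gcd(k, m) == 1)

if __name__ == "__main__":
    mu = mobius_table(60)
    print([mu[n] for n in range(1, 13)])
    print([phi_by_inversion(m, mu) for m in (1, 12, 30, 60)])
```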

EXERCISES 

1. Is it necessary for the truth of Theorem 6-12 that $f(m)$ and $g(m)$ be arithmetic functions?

2. If $F(n) = \prod_{d \mid n} f(d)$ and no $f(d)$ is 0, then $f(n) = \prod_{d \mid n} F(n/d)^{\mu(d)}$. Prove this statement by using a method analogous to that of Sec. 6-5, and then prove it by taking the logarithm of each member of the given equation.

m 

3.  Prove  that  for  any  positive  integer  m,       >    v(n)/n     <  1.        Consider  the  value 

n  =  l 
m 

of    V    (-  -  T-l)  together  with  Theorem  6-11.1 


n  =  l 


CHAPTER  7 
ON  BELONGING  TO  AN  EXPONENT 


7-1. The λ Function. We have proved that for any integer $a$ prime to $m$

$$a^{\phi(m)} \equiv 1 \pmod{m}$$

In solving congruences, moreover, we have exhibited some cases in which a positive power, smaller than $\phi(m)$, of a particular integer $a$ is sufficient to produce 1 modulo $m$ even when $a \not\equiv 1$. Take, for example, the congruence $x^2 \equiv 1 \pmod{5}$, which has the solution 4, as well as 1, modulo 5, and the congruence $x^3 \equiv 1 \pmod{14}$, with solutions 9, 11, and 1 modulo 14. It is, therefore, important to ask whether there is a positive integer smaller than $\phi(m)$ and yet such that when any integer prime to $m$ is raised to that integral power, the result is congruent to 1 modulo $m$. We shall show that when $m$ takes any form except $2^n$ for $n = 0$, 1, or 2, and $p^n$ or $2p^n$ for $p$ an odd prime and $n > 0$, there is such a positive integer. For example, consider the case where $m = 15$. Here $\phi(m) = 8$, and $x^8 \equiv 1 \pmod{15}$ is, of course, satisfied by all integers prime to 15. But each one of these integers also satisfies the congruence $x^4 \equiv 1 \pmod{15}$.

Now take any integer $a$ prime to 2. Then $a$ is odd and has the form $2k + 1$. Hence,

$$(2k + 1)^2 = 4k(k + 1) + 1$$

or

$$a^2 \equiv 1 \pmod{2^3}$$

But

$$(a^2)^2 = (1 + 2^3s)^2$$

or

$$a^{2^2} = 1 + 2^4s + 2^6s^2$$

so that

$$a^{2^2} \equiv 1 \pmod{2^4}$$

In like manner, if

$$a^{2^{k-2}} \equiv 1 \pmod{2^k}$$

it follows that

$$a^{2^{k-1}} \equiv 1 \pmod{2^{k+1}}$$

Hence, we conclude that if $n > 2$,

$$a^{2^{n-2}} \equiv 1 \pmod{2^n}$$

which means that

$$a^{\phi(2^n)/2} \equiv 1 \pmod{2^n}$$

Consequently, for $n > 2$ there is an integer smaller than $\phi(2^n)$ such that this integral power of any integer prime to 2 yields the residue 1 for the modulus $2^n$. Accordingly, we proceed to give a name to this number $\phi(2^n)/2$ as well as to other numbers closely related to $\phi(m)$.

It was R. Carmichael who used the symbol $\lambda(m)$ to designate the arithmetic function which E. Lucas had defined as follows:

1. If $m = 2^n$ and $n = 0$, 1, or 2, $\lambda(m) = \phi(m)$.

2. If $m = 2^n$ and $n > 2$, $\lambda(m) = \phi(m)/2$.

3. If $m = p^n$, $p$ being an odd prime, $\lambda(p^n) = \phi(p^n)$.

4. If $m = 2^np_1^{n_1}p_2^{n_2} \cdots p_r^{n_r}$, the $p_i$, where $i = 1, 2, \ldots, r$, being distinct odd primes, then $\lambda(m)$ is the least common multiple of $\lambda(2^n), \lambda(p_1^{n_1}), \ldots, \lambda(p_r^{n_r})$.

Thus, when $m$ has the form $2^n$ for $n = 0$, 1, or 2, the form $p^n$, or $2p^n$ for $n > 0$ and $p$ an odd prime, the $\lambda$ function has the same value as the $\phi$ function, but when $m$ has the factor $2^n$ with $n > 2$, or $2^2$ and an odd prime factor, or two factors that are powers of distinct odd primes, the $\lambda$ function is at most half of the $\phi$ function.

When the $p_i$, where $i = 1, 2, \ldots, r$, are odd primes, if $m = 2^np_1^{n_1}p_2^{n_2} \cdots p_r^{n_r}$ and $(a, m) = 1$, we know, therefore, that

$$a^{\lambda(2^n)} \equiv 1 \pmod{2^n}$$
$$a^{\lambda(p_i^{n_i})} \equiv 1 \pmod{p_i^{n_i}}$$

But $\lambda(m)$ is a multiple of each of the functions $\lambda(2^n)$, $\lambda(p_i^{n_i})$, and thus $\lambda(m)/\lambda(2^n)$ and $\lambda(m)/\lambda(p_i^{n_i})$ are integers. Consequently,

$$\left(a^{\lambda(2^n)}\right)^{\lambda(m)/\lambda(2^n)} \equiv 1 \pmod{2^n}$$

and

$$\left(a^{\lambda(p_i^{n_i})}\right)^{\lambda(m)/\lambda(p_i^{n_i})} \equiv 1 \pmod{p_i^{n_i}}$$

Finally, since $2^n, p_1^{n_1}, \ldots, p_r^{n_r}$ are relatively prime in pairs,

$$a^{\lambda(m)} \equiv 1 \pmod{m}$$

Therefore, if $m$ is not of the form $2^n$ for $n = 0$, 1, or 2, and not of the form $p^n$ or $2p^n$ for $n > 0$ and $p$ an odd prime, then the $\lambda$ function gives a better result than does the $\phi$ function. It is on this account often advantageous to have:

Theorem 7-1. For $(a, m) = 1$, $a^{\lambda(m)} \equiv 1 \pmod{m}$.

Example. Although $\phi(2800) = \phi(2^4)\phi(5^2)\phi(7) = 960$, $\lambda(2800)$ is the least common multiple of 4, 20, and 6 and is only 60. Hence, for $(a, 2800) = 1$, $a^{60} \equiv 1 \pmod{2800}$.

The new formula is useful in finding the remainder in the division by $m$ of the power of an integer prime to $m$ whenever the exponent of the power lies between $\lambda(m)$ and $\phi(m)$. Thus, to find the remainder when $7^{14}$ is divided by 180, we start with $7^{12} \equiv 1 \pmod{180}$, for $\lambda(180) = 12$. Then $7^2 \equiv 49 \pmod{180}$, and $7^{14} \equiv 49 \pmod{180}$.

7-2. Belonging to an Exponent Modulo m. Since there is always at least one positive power of a particular integer $a$ prime to $m$ that is congruent to 1 modulo $m$, there must be a least positive integer $d$ such that $a^d \equiv 1 \pmod{m}$. We call this integer $d$ the exponent to which $a$ belongs modulo $m$, or we say that $a$ belongs to $d$ modulo $m$. For example, $4^3 \equiv 1 \pmod{7}$, while $4^2 \equiv 2 \pmod{7}$, so that 4 belongs to 3 modulo 7. Again, $3^4 \equiv 1 \pmod{5}$, and there is no smaller positive power of 3 which is congruent to 1 modulo 5. Hence, 3 belongs to $\phi(5)$ modulo 5.

Theorem 7-2. If an integer $a$, prime to $m$, belongs to $d$ modulo $m$, and if $a^k \equiv 1 \pmod{m}$, then $d$ divides $k$.

Suppose that $k = qd + r$, where $0 \le r < d$, then

$$a^k \equiv (a^d)^q \cdot a^r \pmod{m}$$

that is

$$a^r \equiv 1 \pmod{m}$$

But $d$ is the least positive exponent such that $a^d \equiv 1 \pmod{m}$, and therefore $r = 0$. Consequently, $d \mid k$.

Corollary. The exponent $d$ to which an integer $a$, prime to $m$, belongs modulo $m$ is a divisor of $\phi(m)$ and of $\lambda(m)$.

This  corollary  shows  that  we  need  try  only  divisors  of  X(m)  to  find  the 
exponent  to  which  an  integer  belongs  modulo  m.  For  instance,  to  find 
the  exponent  to  which  7  belongs  modulo  55,  we  try  only  the  exponents 
2,  4,  5,  10,  and  20,  for  X(55)  =  20.  Thus  72  =  -6(mod  55),  74  = 
36(mod  55),  75  ^  32(mod  55),  710  ^  34(mod  55),  and  720  =  l(mod  55). 
Hence,  7  belongs  to  X(55)  modulo  55. 
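The procedure of the corollary, as an added example that is not part of the original text: $\lambda(m)$ is built from the prime-power factors of $m$, and the exponent to which $a$ belongs is found by trying only the divisors of $\lambda(m)$. The function names are assumptions of this sketch; it reproduces the section's values for 2800, 180 and 55.

```python
from math import gcd

def factorize(n):
    """Prime factorization by trial division, returned as {prime: exponent}."""
    factors, q = {}, 2
    while q * q <= n:
        while n % q == 0:
            factors[q] = factors.get(q, 0) + 1
            n //= q
        q += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors

def carmichael_lambda(m):
    """lambda(m): least common multiple of lambda over the prime-power factors of m."""
    lam = 1
    for q, e in factorize(m).items():
        if q == 2:
            # lambda(2) = 1, lambda(4) = 2, lambda(2^e) = 2^(e-2) for e > 2
            part = 1 if e == 1 else 2 if e == 2 else 2 ** (e - 2)
        else:
            # for an odd prime power, lambda equals phi
            part = (q - 1) * q ** (e - 1)
        lam = lam * part // gcd(lam, part)
    return lam

def exponent(a, m):
    """Least d > 0 with a^d = 1 (mod m), trying only the divisors of lambda(m)."""
    if m < 2 or gcd(a, m) != 1:
        raise ValueError("need m > 1 and (a, m) = 1")
    lam = carmichael_lambda(m)
    for d in range(1, lam + 1):
        if lam % d == 0 and pow(a, d, m) == 1:
            return d

def remainder_of_power(a, k, m):
    """Remainder of a^k on division by m, after reducing k modulo lambda(m)."""
    if gcd(a, m) != 1:
        raise ValueError("the reduction is valid only for (a, m) = 1")
    return pow(a, k % carmichael_lambda(m), m)

if __name__ == "__main__":
    print(carmichael_lambda(2800), carmichael_lambda(180), carmichael_lambda(55))
    print(exponent(7, 55), remainder_of_power(7, 14, 180))
```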

In 1844 A. L. Crelle gave a device for finding the exponent to which an
integer $a$ belongs modulo $m$. To employ this method, first set up the
integers $1, 2, \ldots, m - 1$ in a row, and under 1 put $r_1$, the least positive
residue modulo $m$ of the integer $a$; under 2 put the least positive residue
$r_2$ of $r_1 + a \equiv 2r_1 \pmod{m}$; under 3 put the least positive residue of
$r_2 + a \equiv r_2 + r_1 \pmod{m}$; .... Then the resulting table

$$\begin{array}{cccccc}
1 & 2 & 3 & 4 & \cdots & m - 1 \\
r_1 & r_2 & r_3 & r_4 & \cdots & r_{m-1}
\end{array}$$

gives in order in the second row the residues of

$$r_1,\ 2r_1,\ 3r_1,\ \ldots,\ (m - 1)r_1$$

modulo $m$. According to this scheme the integer $r_1$ congruent to $a$
modulo $m$ is under 1; the integer congruent to $a^2 \equiv r_1 \cdot r_1 \pmod{m}$ is
under $r_1$; and likewise the integer congruent to $a^s \equiv t \cdot r_1 \pmod{m}$ is
under $t$.

Thus, if $m = 7$ and we wish to find the exponent to which 3 belongs
modulo 7, we form the table

$$\begin{array}{cccccc}
1 & 2 & 3 & 4 & 5 & 6 \\
3 & 6 & 2 & 5 & 1 & 4
\end{array}$$

Then $3 \equiv 3 \pmod{7}$, and so we move to 3 in the first row. We find 2
under 3, and hence $3^2 \equiv 2 \pmod{7}$. Moving to 2 in the first row, we find
6 under it, and have $3^3 \equiv 6 \pmod{7}$. Continuing in this manner, we find
$3^4 \equiv 4$, $3^5 \equiv 5$, and $3^6 \equiv 1 \pmod{7}$. The integer 3, therefore, belongs to
6 modulo 7. Moreover, the residues of the first six positive integral
powers of 3 are in order 3, 2, 6, 4, 5, 1, and it is evident that this cycle is
repeated as the exponent of 3 is increased beyond 6 through the positive
integers.
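Crelle's device as an added example (not part of the original text): the second row is filled by repeated addition of $r_1$, and the powers of $a$ are then read off by moving from each residue to the entry beneath it. The function names are assumptions of this sketch.

```python
from math import gcd

def crelle_row(a, m):
    """Second row of Crelle's table: the residues of r1, 2*r1, ..., (m-1)*r1 modulo m."""
    r1 = a % m
    row, r = [], 0
    for _ in range(1, m):
        r = (r + r1) % m          # r_j = r_(j-1) + r_1, built by addition only
        row.append(r)
    return row

def crelle_period(a, m):
    """Residues of a, a^2, ..., a^d read from the table; d is the exponent a belongs to."""
    if m < 2 or gcd(a, m) != 1:
        raise ValueError("need m > 1 and (a, m) = 1")
    row = crelle_row(a, m)
    powers = [a % m]              # a itself sits under 1
    while powers[-1] != 1:
        t = powers[-1]            # t is congruent to a^s
        powers.append(row[t - 1]) # the entry under t is t*r1, congruent to a^(s+1)
    return powers

if __name__ == "__main__":
    print(crelle_row(3, 7))       # second row of the table for m = 7
    print(crelle_period(3, 7))    # period of 3 modulo 7
```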

If an integer $a$ prime to $m$ belongs to $d$ modulo $m$, the least positive
residues of the powers $a, a^2, a^3, \ldots, a^d$ of $a$ taken in order constitute the
period of $a$ modulo $m$. These residues are distinct modulo $m$, for if
$a^s \equiv a^t \pmod{m}$ with $s > t$, then $a^{s-t} \equiv 1 \pmod{m}$. But since $s$ and $t$
have only the values $1, 2, \ldots, d$, the difference $s - t$ is less than $d$ and
cannot be divisible by $d$. Hence, we have proved:

Theorem 7-3. If an integer $a$ belongs to $d$ modulo $m$, the integers
$a, a^2, a^3, \ldots, a^d$ are distinct modulo $m$.

When $(a, m) = 1$, $s > 0$, and $a^s \equiv b \pmod{m}$, then $b$ is said to be a
power residue of $a$ modulo $m$. Thus Theorem 7-3 shows that if $a$ belongs
to $d$ modulo $m$, the first $d$ power residues of $a$ modulo $m$ are incongruent
modulo $m$. Clearly, they constitute the power residues of $a$ modulo $m$.
We say, then, that there are exactly $d$ incongruent integers that are power
residues of $a$ modulo $m$, omitting "modulo $m$" after "incongruent integers,"
for there can be no confusion about the required modulus.

EXERCISES 

1. Find the exponents to which 5 and 7 belong modulo 11.

2. Find the remainder when $7^{182}$ is divided by 675.

3. Prove that if $a$ and $b$ are prime to 1729, then $a^{36} - b^{36}$ is divisible by 1729.

4. If $p$ is a prime, $(a, p) = 1$, and $a^d \equiv b^d \pmod{p}$, where $d$ is the least positive
exponent for which the congruence is true, then $d$ is a divisor of $p - 1$.

5. If $a$ belongs to $d$ modulo $p$ an odd prime, and if $d$ is even, then $a^{d/2} \equiv -1 \pmod{p}$.

6. If $p$ is an odd prime, and if $a^k \equiv -1 \pmod{p}$, where $k$ is the least positive
integer for which the congruence is true, then $2k$ is the exponent to which $a$ belongs
modulo $p$.

7. Prove that if the integer $a$, where $0 < a < p - 2$, belongs to the exponent 3
modulo $p$, a prime, then $a + 1$ belongs to 6 modulo $p$.

8. If the integer $a$ belongs to $d$ modulo $p$, a prime, show that the product of all the
distinct residues of the powers of $a$ is congruent to 1 or $-1$ according as $d$ is odd or even.

9. Show that $x \equiv ba^{\lambda(m)-1} \pmod{m}$ is a solution of $ax \equiv b \pmod{m}$ if $(a, m) = 1$.

10. Compare the fact that the powers of 2 will generate all the solutions of
$x^4 \equiv 1 \pmod{5}$ with the corresponding property of the root $i$ of the equation $x^4 - 1 = 0$.
What do you notice about the other solutions?

Theorem 7-4. If an integer $a$ prime to $p$ belongs to $d$ modulo $p$, a
prime, there are exactly $\phi(d)$ incongruent integers that belong to $d$
modulo $p$.

When $p = 2$, $d$ has only the value 1 and then the integer 1 belongs to
1 modulo 2.

When $p$ is an odd prime, consider the congruence

$$x^d \equiv 1 \pmod{p}$$

and suppose that the integer $a$ belongs to $d$ modulo $p$. Then each integer
of the set

$$a,\ a^2,\ a^3,\ \ldots,\ a^d$$

is prime to $p$ and satisfies the congruence, for

$$(a^s)^d \equiv (a^d)^s \equiv 1 \pmod{p}$$

According to Theorem 7-3, furthermore, no two of these integers are
congruent modulo $p$. Consequently, these powers of $a$ give all the solutions
of $x^d \equiv 1 \pmod{p}$, for the modulus is a prime and there are, therefore, no
more than $d$ solutions. Hence, any integer that belongs to $d$ is congruent
modulo $p$ to an integer of the set $a, a^2, \ldots, a^d$, and none of these integers
belongs to an exponent greater than $d$.

However, if $(s, d) = 1$, $a^s$ belongs to $d$ modulo $p$, for if we assume that
$a^s$ belongs to $k < d$,

$$(a^s)^k \equiv 1 \pmod{p}$$

and

$$a^{sk} \equiv 1 \pmod{p}$$

But since $a$ belongs to $d$ modulo $p$, $d \mid sk$. Hence, $d \mid k$, and $k$ is not less
than $d$.

On the other hand, if $(s, d) = n \ne 1$, so that $s = ns_0$, $d = nd_0$, then

$$(a^s)^{d_0} \equiv a^{s_0 d} \equiv 1 \pmod{p}$$

and $a^s$ does not belong to $d$ modulo $p$, for $d_0$ is less than $d$.

Since there are $\phi(d)$ positive integers less than $d$ and prime to $d$, exactly
$\phi(d)$ of the powers $a^s$, where $s = 1, 2, \ldots, d$, belong to the exponent
$d$ modulo $p$.

Corollary 1. If $d$ is a divisor of $p - 1$ and an integer $a$ belongs to $d$
modulo $p$, a prime, the solutions of $x^d \equiv 1 \pmod{p}$ are congruent to
$a, a^2, \ldots, a^d$ modulo $p$.

Corollary 2. If $d$ is a divisor of $p - 1$ and an integer $a$ belongs to $d$
modulo $p$, a prime, then $a^s$ belongs to $d$ modulo $p$ if and only if the
exponent $s$ is prime to $d$.

Corollary 3. If $d$ is a divisor of $p - 1$ and an integer $a$ belongs to $d$
modulo $p$, a prime, then $a^s$, where $(s, d) = n \ne 1$, belongs to the exponent
$d/n$ modulo $p$.

To prove Corollary 3, notice that if $p = 2$, $d$ can be only 1, for $a$ is odd.
In the case of an odd prime, if $d = d_0 n$, we saw that

$$(a^s)^{d_0} \equiv 1 \pmod{p}$$

Now suppose that

$$(a^s)^t \equiv 1 \pmod{p}$$

with $0 < t \le d_0$. Then $d \mid st$. But if $s = s_0 n$, then $(s_0, d_0) = 1$, and it
follows that $d_0 \mid t$. This is impossible when $t < d_0$. Therefore, $t = d_0$,
and $a^s$ belongs to $d_0$ modulo $p$.

Theorem 7-5. When $(s, t) = 1$, if $a$ belongs to $s$, and $b$ belongs to $t$
modulo $m$, then $ab$ belongs to $st$ modulo $m$.

We know that $a^s \equiv 1 \pmod{m}$ and $b^t \equiv 1 \pmod{m}$, so that

$$(ab)^{st} \equiv (a^s)^t (b^t)^s \equiv 1 \pmod{m}$$

But if $ab$ belongs to $k$ modulo $m$, so that

$$(ab)^k \equiv 1 \pmod{m}$$

then $k \mid st$ and $k \le st$. Moreover,

$$(ab)^{ks} \equiv b^{ks} \equiv 1 \pmod{m}$$

and therefore $t \mid ks$, so that $t \mid k$. In like manner,

$$(ab)^{kt} \equiv a^{kt} \equiv 1 \pmod{m}$$

and $s \mid kt$, so that $s \mid k$. Since $(s, t) = 1$, it follows that $st \mid k$ and $st \le k$.
Consequently, $k = st$.

Theorem 7-6 (H. G. Erlerus, 1841). When $p_1$ and $p_2$ are odd primes,
if $m \equiv a_1 \pmod{p_1}$ and $m \equiv a_2 \pmod{p_2}$, and if in addition $a_1$ belongs to
$d_1$ modulo $p_1$ and $a_2$ belongs to $d_2$ modulo $p_2$, then $m$ belongs to the least
common multiple of $d_1$ and $d_2$ for the modulus $p_1 p_2$.

Since $m^{d_1} \equiv 1 \pmod{p_1}$ and $m^{d_2} \equiv 1 \pmod{p_2}$, if $L$ is the least common
multiple of $d_1$ and $d_2$, then

$$(m^{d_1})^{L/d_1} \equiv 1 \pmod{p_1}$$

and

$$(m^{d_2})^{L/d_2} \equiv 1 \pmod{p_2}$$

Therefore,

$$m^L \equiv 1 \pmod{p_1 p_2}$$

But if $m$ belongs to $k$ modulo $p_1 p_2$, the last congruence implies that $k \mid L$.
Again, from

$$m^k \equiv 1 \pmod{p_1 p_2}$$

we infer that

$$m^k \equiv 1 \pmod{p_i} \qquad i = 1, 2$$

Therefore, $d_1 \mid k$, $d_2 \mid k$, and $L \mid k$. Hence, $k = L$.

Examples. Because 3 belongs to 5 modulo 11 and 10 belongs to 2 for
the same modulus, and since the exponents 5 and 2 are relatively prime,
it is evident from Theorem 7-5 that 30, and hence 8, belongs to the
exponent 10 modulo 11.

Again, 7 belongs to 10 for the modulus 11, and 5 belongs to 4 modulo 13.
Thus, according to Theorem 7-6, the integer 18 belongs to 20 modulo 143.

EXERCISES 

1.  Find  an  integer  that  belongs  to  2  modulo  19  and  one  that  belongs  to  3  modulo  19. 
Using  these  results,  find  an  integer  that  belongs  to  6  modulo  19. 

2.  Set  up  the  least  positive  residues  of  the  powers  of  2,  3,  and  6  modulo  17. 

3.  Find  all  the  integers  that  belong  to  16  modulo  17. 

4. Solve the congruences $x^3 \equiv 1 \pmod{7}$ and $x^{10} \equiv 1 \pmod{31}$.

5. Show that 2 belongs to 12 modulo 13, and thus find the exponent to which 8
belongs modulo 13. Do any other integers belong to this exponent modulo 13?

6. Find the integer to which 7 belongs modulo 5 and modulo 11. Then determine
the integer to which 7 belongs modulo 55.

7. When $p$ is a prime, if $a$ and $b$ are prime to $p$, and if $a \equiv b \pmod{p^n}$, show that
$a^p \equiv b^p \pmod{p^{n+1}}$, and hence by induction that $a^{p^r} \equiv b^{p^r} \pmod{p^{n+r}}$.

8. When the modulus $m$ is composite, prove theorems analogous to Corollaries 2 and
3 of Theorem 7-4.

9. If $p_1 = 2$ and $p_2$ is an odd prime, does Theorem 7-6 hold? Generalize the
theorem.

7-3. Another Test for a Prime. If we can find one integer $a$ prime to
the integer $m$ and satisfying the condition

$$a^{m-1} \equiv 1 \pmod{m}$$

is it true that $m$ is a prime? This question is easily answered, for
$\lambda(21) = 6$, and so $a^6 \equiv 1 \pmod{21}$ for all integers $a$ that are prime to 21. Thus
$2^6 \equiv 1 \pmod{21}$, and $8^2 \equiv 1 \pmod{21}$. Hence, $8^{20} \equiv 1 \pmod{21}$, and yet
21 is not a prime.

Is it even true that $m$ is a prime if, for all $a$ that are prime to $m$,

$$a^{m-1} \equiv 1 \pmod{m}$$

Again we can answer negatively by showing a case in which the hypothesis
is fulfilled but where $m$ is a composite. Any integer $a$ prime to
$561 = 3(11)(17)$ satisfies the congruence

$$a^{80} \equiv 1 \pmod{561}$$

because $\lambda(561) = 80$. Consequently,

$$a^{560} \equiv 1 \pmod{561}$$

Thus the exact converse of Fermat's theorem is not true.

An important test for a prime can, nevertheless, be derived from these
ideas. The following theorem was first proved by Lucas* in 1876, and
from it powerful methods for deciding the primality of integers having
certain forms have been developed:

Theorem 7-7. If an integer $a$ is prime to an integer $m$ greater than 1,
and if $a^{m-1} \equiv 1 \pmod{m}$ although there is no positive integer $k$ less than
$m - 1$ and such that $a^k \equiv 1 \pmod{m}$, then $m$ is a prime.

Assuming  that  m  >  1  is  composite,  since  (a,  m)  =  1, 

But $\phi(m) < m - 1$ because $m$ has a factor between 1 and $m$. Therefore,
$m$ is a prime.

Actually, by virtue of Theorem 7-2, in applying this test for a prime we
need evaluate only those powers $a^k$ for which $k$ is a divisor of $m - 1$.

Example. To test 47 for a prime, we can make use of the fact that 2
belongs to 23 and 46 belongs to 2 modulo 47 and determine by Theorem
7-5 that $2 \cdot 46 \equiv 45 \pmod{47}$ belongs to $23 \cdot 2 = 46$ for the modulus 47.
Or we may reason that since the divisors of 46 are only 1, 2, 23, and 46,
and because $45^{23} \equiv (47 - 2)^{23} \equiv (-2)^{23} \equiv -1 \pmod{47}$, so that 45 does
not belong to 1, 2, or 23, then the integer 45 belongs to 46 modulo 47.
Hence, by virtue of Theorem 7-7, 47 is a prime.
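The contrast drawn in this section, as an added example that is not part of the original text: the condition $a^{m-1} \equiv 1 \pmod{m}$ alone is satisfied by composites such as 21 (for $a = 8$) and 561 (for every $a$ prime to it), whereas the test of Theorem 7-7 also rejects any $a$ for which $a^k \equiv 1$ at a proper divisor $k$ of $m - 1$. The function names are assumptions of this sketch.

```python
from math import gcd

def fermat_condition(a, m):
    """True when (a, m) = 1 and a^(m-1) = 1 (mod m)."""
    return gcd(a, m) == 1 and pow(a, m - 1, m) == 1

def lucas_certifies(a, m):
    """Theorem 7-7: a^(m-1) = 1 (mod m) and a^k != 1 (mod m) for every k < m - 1.

    By Theorem 7-2 only the divisors k of m - 1 need to be examined.
    """
    if m < 2 or not fermat_condition(a, m):
        return False
    proper_divisors = [k for k in range(1, m - 1) if (m - 1) % k == 0]
    return all(pow(a, k, m) != 1 for k in proper_divisors)

def lucas_witness(m):
    """Smallest a in 1..m-1 that proves m prime by Theorem 7-7, or None."""
    for a in range(1, m):
        if lucas_certifies(a, m):
            return a
    return None

def fermat_holds_for_all_units(m):
    """True when a^(m-1) = 1 (mod m) for every a prime to m."""
    return all(pow(a, m - 1, m) == 1 for a in range(1, m) if gcd(a, m) == 1)

if __name__ == "__main__":
    print(lucas_certifies(45, 47), lucas_certifies(2, 47))
    print(fermat_condition(8, 21), lucas_witness(21))
    print(fermat_holds_for_all_units(561), lucas_witness(561))
```

A composite $m$ never has a witness, because the exponent to which any $a$ belongs divides $\phi(m) < m - 1$.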

7-4. Primitive Roots. Is there a positive integer $k$ smaller than $\lambda(m)$
and satisfying the condition that, for any integer $a$ prime to $m$,
$a^k \equiv 1 \pmod{m}$? The answer has been completely determined because Gauss
showed that exactly $\phi(\phi(m))$ integers belong to $\phi(m)$ if $m$ is $2^n$, with
$n = 0$, 1, or 2, or if $m$ is $p^n$ or $2p^n$, where $n > 0$ and $p$ is an odd prime, and
R. Carmichael showed that for all other moduli there is at least one integer
that belongs to $\lambda(m)$. Consequently, there is no positive integer $k$
smaller than $\lambda(m)$ and such that, for all integers prime to $m$,
$a^k \equiv 1 \pmod{m}$. We shall proceed to develop these ideas.

We call an integer that belongs to $\phi(m)$ modulo $m$ a primitive root of $m$
or a primitive root modulo $m$. It is evident that 1 is a primitive root of 1
and 2 and that 3 is a primitive root of $2^2$. There are no other primitive
roots of these moduli.

* E. Lucas, Am. J. Math., Vol. 1, p. 301, 1878.

Theorem 7-8. There are exactly $\phi(p - 1)$ incongruent integers that
are primitive roots modulo $p$, an odd prime.

Of course when $d$ is a divisor of $p - 1$, as far as we have proved, no
integer need belong to $d$ modulo $p$, but we have shown that if one integer
does belong to $d$ for the modulus $p$, exactly $\phi(d)$ incongruent integers
modulo $p$ belong to $d$. Therefore, if we let $\psi(d)$ represent the number of
integers from 1 through $p - 1$ that belong to $d$ modulo $p$,

$$\psi(d) \le \phi(d)$$

Besides, each integer from 1 through $p$ that is prime to $p$ belongs to one
and only one exponent for the modulus $p$, and this exponent must be a
divisor of $p - 1$. It is thus evident that

$$\psi(d_1) + \psi(d_2) + \cdots + \psi(d_r) = p - 1$$

where the $d_i$, with $i = 1, 2, \ldots, r$, are the distinct positive divisors of
$p - 1$. But we have also shown that

$$\phi(d_1) + \phi(d_2) + \cdots + \phi(d_r) = p - 1$$

Because no $\psi(d_i)$ can exceed the corresponding $\phi(d_i)$, if any $\psi(d_i)$ were less
than the corresponding $\phi(d_i)$, these statements could not both be true.
Therefore, for all $i$,

$$\psi(d_i) = \phi(d_i)$$

In particular when the divisor $d$ is $p - 1$ itself, there are exactly
$\phi(p - 1) = \phi(\phi(p))$ incongruent integers that belong to $p - 1$ modulo $p$.

Corollary. If $p$ is an odd prime and $d$ is a divisor of $p - 1$, $\phi(d)$ of the
integers from 1 through $p - 1$ belong to $d$ modulo $p$.

Example. We shall find the primitive roots of 17 and the integers
that belong to the divisors of $\phi(17) = 16$. Using Crelle's method, we see
that for the modulus 17 the powers of 3 give the residues

3, 9, 10, 13, 5, 15, 11, 16, 14, 8, 7, 4, 12, 2, 6, 1

It is clear, then, that the primitive roots of 17 determined by the powers
of 3 having exponents prime to 16 are $3, 3^3, 3^5, 3^7, 3^9, 3^{11}, 3^{13}, 3^{15}$ and
reduce to 3, 10, 5, 11, 14, 7, 12, and 6, respectively, for the modulus 17.
Notice that $3^2 \equiv 9 \pmod{17}$ belongs to the exponent 8 modulo 17, for
$(2, 16) = 2$ and $\frac{16}{2} = 8$. Moreover, the other integers that belong to 8
modulo 17 are of the form $3^s$, where $(s, 16) = 2$. Hence, $s = 6$, 10, and
14. The integers are, therefore, $3^6$, $3^{10}$, and $3^{14}$, and they reduce to 15,
8, and 2 modulo 17. In like manner we can find the integers that belong
to 4 modulo 17, for in this case $(s, 16) = 4$. Thus $3^4$ and $3^{12}$ belong to
4 modulo 17. There is just one integer that belongs to 2, and it is
$3^8 \equiv 16 \pmod{17}$.
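The sorting carried out in this example, as an added illustration that is not part of the original text: once one primitive root $g$ of $p$ is known, Corollaries 2 and 3 of Theorem 7-4 give the exponent of $g^s$ as $(p-1)/(s, p-1)$, so every residue is classified with a single gcd. The sketch checks the result against direct computation and against the counts $\phi(d)$ of Theorem 7-8; the function names are assumptions.

```python
from math import gcd

def classify_by_exponent(g, p):
    """Map each divisor d of p - 1 to the residues that belong to d, using g^s only."""
    groups, x = {}, 1
    for s in range(1, p):
        x = x * g % p                     # x is congruent to g^s
        d = (p - 1) // gcd(s, p - 1)      # exponent to which g^s belongs
        groups.setdefault(d, []).append(x)
    return {d: sorted(v) for d, v in groups.items()}

def euler_phi(n):
    """phi(n) by direct count of the integers 1..n prime to n."""
    return sum(1 for k in range(1, n + 1) if gcd(k, n) == 1)

def direct_exponent(a, p):
    """Exponent to which a belongs modulo p, found by repeated multiplication."""
    d, x = 1, a % p
    while x != 1:
        x, d = x * a % p, d + 1
    return d

def consistent(g, p):
    """True when the gcd rule agrees with direct computation and with phi(d)."""
    groups = classify_by_exponent(g, p)
    by_rule = all(direct_exponent(a, p) == d for d, v in groups.items() for a in v)
    by_count = all(len(v) == euler_phi(d) for d, v in groups.items())
    return by_rule and by_count and sum(len(v) for v in groups.values()) == p - 1

if __name__ == "__main__":
    for d, members in sorted(classify_by_exponent(3, 17).items()):
        print(d, members)
```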
EXERCISES

1. Find all primitive roots of $p = 5$, 7, 11, and 13.

2. Prove that the product of all the integers that belong to a particular exponent
$d > 2$ modulo $p$, an odd prime, is congruent to 1 modulo $p$.

3. Show that $2^{341} - 2$ is divisible by 341 even though 341 is not a prime.

4. Find by trial composites $m$ other than 561 such that $a^{m-1} \equiv 1 \pmod{m}$ for all
integers prime to $m$.

7-5. Gauss' Method for Finding a Primitive Root Modulo p. To find
a primitive root of a prime $p$, first choose any integer $a_1$ prime to $p$, and
find the exponent $d_1$ to which $a_1$ belongs modulo $p$. If $d_1$ is not $p - 1$,
find the least positive residues of

$$a_1,\ a_1^2,\ a_1^3,\ \ldots,\ a_1^{d_1}$$

modulo $p$. None of these integers is a primitive root of $p$ since each one
satisfies the congruence

$$x^{d_1} \equiv 1 \pmod{p}$$

Now select any positive integer $a_2$ less than $p$ and not one of the residues
of the powers of $a_1$. Then if $a_2$ is not a primitive root of $p$, $a_2$ belongs to
some $d_2$ modulo $p$.

The exponent $d_2$ cannot be a divisor of $d_1$, for if $d_1 = kd_2$,

$$a_2^{kd_2} \equiv 1 \pmod{p}$$

and $x \equiv a_2 \pmod{p}$ would be a solution of $x^{d_1} \equiv 1 \pmod{p}$, which is
impossible because the powers of $a_1$ determine all the solutions of this
congruence.

If $d_2$ is a multiple of $d_1$, but not $p - 1$, we have found an integer that
belongs to an exponent modulo $p$ that is greater than $d_1$.

If $(d_1, d_2) = 1$, then $a_1 a_2$ belongs to $d_1 d_2$ modulo $p$.

If $b = (d_1, d_2)$ and $b$ is neither 1 nor $d_1$, factor $b$ into powers of distinct
primes so that $b = p_1^{n_1} p_2^{n_2} \cdots p_r^{n_r}$. Then separate $b$ into two
relatively prime factors $b_1$ and $b_2$ by taking $p_i^{n_i}$ as a factor of $b_1$ or $b_2$ according
as $d_1$ or $d_2$ contains the lower power of $p_i$. If the power of $p_i$ is the same
in both $d_1$ and $d_2$, take $p_i^{n_i}$ as a factor of either $b_1$ or $b_2$.

Then according to Corollary 3 of Theorem 7-4, $a_1^{b_1}$ belongs to $d_1/b_1$, and
$a_2^{b_2}$ belongs to $d_2/b_2$ modulo $p$. However, $((d_1/b_1), (d_2/b_2)) = 1$, for if
$d_1 = bd_{01}$ and $d_2 = bd_{02}$, then $(d_{01}, d_{02}) = 1$. Moreover, $d_1/b_1 = b_2 d_{01}$,
and $d_2/b_2 = b_1 d_{02}$, and we know that $(b_1, b_2) = 1$. But $(b_1, d_{01}) = 1$ also,
for if $p^s$ is the highest power of any prime in $b_1$, it is the highest power of
$p$ that is a factor of $d_1$ and thus $p$ does not divide $d_{01}$. In like manner,
$(b_2, d_{02}) = 1$. Consequently, the product $a_1^{b_1} a_2^{b_2}$ belongs to
$d_1 d_2 / b_1 b_2 = d_1 d_2 / b$ modulo $p$, and this exponent is the least common multiple of
$d_1$ and $d_2$.

Thus under any circumstances we have found an integer that belongs
to an exponent modulo $p$ larger than $d_1$. After setting up the power
residues of this integer, we continue as before by choosing a positive
integer less than $p$ but not among any of the power residues thus far
determined. After proceeding for a finite number of steps, we must find
an integer that belongs to $p - 1$ modulo $p$.

Example. To find a primitive root of 41, first find the power residues
of 2 modulo 41. These residues of $2, 2^2, \ldots, 2^{10}$ are in order 2, 4, 8,
16, 32, 23, 5, 10, 20, 40. Since $2^{10} \equiv -1 \pmod{41}$, the remaining residues
are the negatives of these integers, and 2, therefore, belongs to 20 modulo
41.

Because the integer 3 does not occur among the power residues of 2, we
determine the power residues of 3 modulo 41. They are 3, 9, 27, 40, $-3$,
$-9$, $-27$, $-40$. Consequently, 3 belongs to 8 modulo 41.

Since $(20, 8) = 4$, we use the factors 4 and 1 as $b_1$ and $b_2$. We know
that $2^4$ belongs to 5 and 3 belongs to 8 modulo 41. Consequently,
$16 \cdot 3 \equiv 7 \pmod{41}$ belongs to the least common multiple of 5 and 8 and
is, therefore, a primitive root of 41.

The power residues of 7 modulo 41 are

 7,  8, 15, 23, 38, 20, 17, 37, 13,  9
22, 31, 12,  2, 14, 16, 30,  5, 35, 40

and the negatives of the above integers taken in order.
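Gauss' method as an added example (not part of the original text). The sketch always starts from $a_1 = 2$ and takes the smallest unused integer as $a_2$, which are choices the text leaves open, and it sends equal prime powers to $b_1$. With that tie rule the single formula $a_1^{b_1} a_2^{b_2}$ also covers the cases where $d_2$ is a multiple of $d_1$ or prime to it. The function names are assumptions.

```python
from math import gcd

def period(a, p):
    """Least positive residues of a, a^2, ..., a^d modulo p; d = len(result)."""
    out, x = [], a % p
    while True:
        out.append(x)
        if x == 1:
            return out
        x = x * a % p

def valuation(n, q):
    """Exponent of the prime q in n."""
    v = 0
    while n % q == 0:
        n, v = n // q, v + 1
    return v

def split_gcd(d1, d2):
    """Split b = (d1, d2) into coprime b1, b2 as in the text (ties go to b1)."""
    b, b1, b2, q = gcd(d1, d2), 1, 1, 2
    while b > 1:
        if b % q == 0:
            qpow = q ** valuation(b, q)
            b //= qpow
            if valuation(d1, q) <= valuation(d2, q):
                b1 *= qpow        # d1 holds the lower (or equal) power of q
            else:
                b2 *= qpow        # d2 holds the lower power of q
        q += 1
    return b1, b2

def gauss_primitive_root(p):
    """Return (primitive root of the odd prime p, [(integer, exponent), ...])."""
    a1 = 2
    residues = period(a1, p)
    d1, seen = len(residues), set(residues)
    steps = [(a1, d1)]
    while d1 != p - 1:
        a2 = next(x for x in range(2, p) if x not in seen)
        res2 = period(a2, p)
        seen.update(res2)
        b1, b2 = split_gcd(d1, len(res2))
        a1 = pow(a1, b1, p) * pow(a2, b2, p) % p   # belongs to lcm(d1, d2)
        residues = period(a1, p)
        d1 = len(residues)
        seen.update(residues)
        steps.append((a1, d1))
    return a1, steps

if __name__ == "__main__":
    print(gauss_primitive_root(41))
```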

7-6. Primitive Roots Modulo $p^n$ and $2p^n$

Theorem 7-9. If $p$ is an odd prime, there are just $\phi(\phi(p^n))$
incongruent primitive roots modulo $p^n$.

Suppose that the integer $a$ is a primitive root modulo $p$. This
statement means, of course, that every integer in the class with $a$ belongs to
the exponent $p - 1$ for the modulus $p$. We shall show that we can choose
an integer in this residue class that is a primitive root of $p^n$. Specifically,
if

$$a^{p-1} \not\equiv 1 \pmod{p^2}$$

we shall prove that $a$ is a primitive root modulo $p^n$, but if

$$a^{p-1} \equiv 1 \pmod{p^2}$$

we shall prove that $k$ can be so chosen that the integer $a + kp$ satisfies
the condition

$$(a + kp)^{p-1} \not\equiv 1 \pmod{p^2}$$

and that this integer is a primitive root of $p^n$.

First, let us suppose that when $a$ belongs to $p - 1$ modulo $p$,
$a^{p-1} \equiv 1 \pmod{p^2}$. Then

$$(a + kp)^{p-1} \equiv a^{p-1} + (p - 1)a^{p-2}kp + \cdots + (kp)^{p-1} \pmod{p^2}$$
$$\equiv 1 - a^{p-2}kp \pmod{p^2}$$

and consequently $(a + kp)^{p-1}$ is congruent to 1 modulo $p^2$ if and only if $k$
is divisible by $p$. If we, therefore, choose $k$ prime to $p$, then $a + kp$ will
not only belong to $p - 1$ modulo $p$ but

$$(a + kp)^{p-1} \not\equiv 1 \pmod{p^2}$$

that is, there is always a primitive root $r = a + kp$ of $p$ such that
$r^{p-1} \not\equiv 1 \pmod{p^2}$.

It is true that since $(r, p) = 1$, $r^{\phi(p^n)} \equiv 1 \pmod{p^n}$. But does $r$ belong
to an exponent $t$ modulo $p^n$ smaller than $\phi(p^n)$? If so, $t$ is a divisor of
$\phi(p^n) = p^{n-1}(p - 1)$. More than that, since it is necessarily true that
$r^t \equiv 1 \pmod{p}$ and $r$ belongs to $p - 1$ modulo $p$, it is clear that $p - 1$
divides $t$. Hence, $t$ has the form $p^s(p - 1)$ with $s = 0, 1, 2, \ldots$, or
$n - 1$. But if $s$ did not exceed $n - 2$, we could raise each member of the
congruence $r^t \equiv 1 \pmod{p^n}$ to the $p^{n-2-s}$ power and obtain

$$r^{p^{n-2}(p-1)} \equiv 1 \pmod{p^n}$$

We shall show, however, that the last congruence cannot be true and
hence that $r$ cannot belong to an exponent less than $\phi(p^n)$ modulo $p^n$.
To do so, use the fact that

$$r^{p-1} \not\equiv 1 \pmod{p^2}$$

in the form $r^{p-1} = 1 + cp$, where $(c, p) = 1$. Then

$$(r^{p-1})^{p^{n-2}} \equiv (1 + cp)^{p^{n-2}} \pmod{p^n}$$
$$\equiv 1 + p^{n-2}cp + \frac{p^{n-2}(p^{n-2} - 1)}{2}(cp)^2 + \cdots + (cp)^{p^{n-2}} \pmod{p^n}$$

The $(m + 1)$st term of this expansion is

$$\frac{p^{n-2}(p^{n-2} - 1) \cdots (p^{n-2} - m + 1)}{m!}\, c^m p^m$$

and it is obviously a multiple of $p^n$ if $m \ge 2$ and if $(m, p) = 1$, for
$\frac{(p^{n-2} - 1) \cdots (p^{n-2} - m + 1)}{(m - 1)!}$ is an integer. But if $m = kp^t$ with
$(k, p) = 1$, the expression will not be a multiple of $p^n$ unless $p^{n-2-t} \cdot p^{kp^t} \ge p^n$,
that is, unless $n - 2 - t + kp^t \ge n$. But $kp^t \ge t + 2$. Each term
after the second of the expansion is, therefore, a multiple of $p^n$.
Hence, for $n \ge 3$

$$r^{p^{n-2}(p-1)} \equiv 1 + p^{n-1}c \pmod{p^n}$$

and because $(c, p) = 1$,

$$r^{p^{n-2}(p-1)} \not\equiv 1 \pmod{p^n}$$

If $n = 2$, we know that

$$r^{p-1} \not\equiv 1 \pmod{p^2}$$

whereas

$$r^{p(p-1)} \equiv 1 \pmod{p^2}$$

Consequently, $r$ is a primitive root modulo $p^n$, where $n > 1$.
Now consider the congruence

$$x^{p^{n-1}(p-1)} \equiv 1 \pmod{p^n}$$

Each of the integers

$$r,\ r^2,\ \ldots,\ r^{p^{n-1}(p-1)}$$

satisfies this congruence, and each of them is prime to $p$. They are,
moreover, incongruent modulo $p^n$, for if

$$r^u \equiv r^v \pmod{p^n} \qquad u, v = 1, 2, \ldots, p^{n-1}(p - 1)$$

assuming $u > v$, we conclude that $r^{u-v} \equiv 1 \pmod{p^n}$. This result is
impossible because $u - v$ is less than $p^{n-1}(p - 1)$. Hence, these $\phi(p^n)$
integers are distinct solutions modulo $p^n$ of the conditional congruence.
But only integers prime to $p$ can be solutions of this congruence, and since
there are exactly $\phi(p^n)$ integers from 1 through $p^n$ that are prime to $p$, we
have found all the solutions.

Furthermore, the integers that belong to $\phi(p^n)$ modulo $p^n$ must be
among the solutions of the given congruence. By arguing just as we did
in Theorem 7-4, we can show that $r^s$ belongs to $\phi(p^n)$ modulo $p^n$ if and
only if $s$ is prime to $p^{n-1}(p - 1)$. There are, then, exactly $\phi(\phi(p^n))$
incongruent integers that are primitive roots modulo $p^n$.

Example. We have already shown that 3 is a primitive root of 17.
But $3^{16} \equiv 171 \pmod{289}$. Accordingly, 3 is a primitive root of $17^2$ since
$3^{16} \not\equiv 1 \pmod{289}$. Furthermore, the powers of 3 having exponents
prime to $\phi(17^2) = (17)(16)$ constitute the complete set of distinct
primitive roots of $17^2$. There are exactly $\phi(272) = 128$ of them.

The theorem shows, moreover, that because $3^{16} \not\equiv 1 \pmod{289}$, 3 is a
primitive root of $17^3, 17^4, \ldots$.

EXERCISES 

1. Find all the primitive roots of $5^2$ and $5^3$.

2. Find the primitive roots of 49. Find also all the integers that belong to the
exponent 6 modulo 49. Find a primitive root of 343.

3. If $p$ is an odd prime, prove that any primitive root of $p^n$ is a primitive root of $p$.

4. Prove that if $p$ is a prime and an integer $a$ prime to $p$ belongs to the exponent
$d$ modulo $p$, and if $p^h$ is the highest power of $p$ that divides $a^d - 1$, then $a$ belongs to the
exponent $dp^{n-h}$ modulo $p^n$ for $n > h$.

5. If $p$ is an odd prime, prove that the product of two primitive roots modulo $p^n$ is
not a primitive root modulo $p^n$.

6. If $r$ belongs to $\phi(p^n)$ modulo $p^n$ and $(s, \phi(p^n)) = d \ne 1$, does $r^s$ belong to $\phi(p^n)/d$
modulo $p^n$?

Theorem 7-10. There are exactly $\phi(\phi(2p^n))$ incongruent primitive
roots modulo $2p^n$.

Any integer that satisfies the congruence

$$x^{\phi(2p^n)} \equiv 1 \pmod{2p^n}$$

is necessarily odd, and so a primitive root of $2p^n$ must be odd. But if an
odd integer $a$ belongs to $\phi(2p^n) = p^{n-1}(p - 1)$ modulo $2p^n$, it is a
primitive root of $p^n$, for

$$a^{p^{n-1}(p-1)} \equiv 1 \pmod{2p^n}$$

implies that

$$a^{p^{n-1}(p-1)} \equiv 1 \pmod{p^n}$$

and if $a$ belonged to $d < p^{n-1}(p - 1)$ modulo $p^n$, then since $a$ is odd,
$a^d \equiv 1 \pmod{2p^n}$. The last congruence is, of course, impossible, for $a$ is
a primitive root of $2p^n$. We must, therefore, look for the primitive roots
of $2p^n$ among the primitive roots of $p^n$.

But if $r$ is an odd primitive root of $p^n$, it is a primitive root of $2p^n$, for
$r^{\phi(p^n)} - 1$ is divisible by 2 as well as by $p^n$, and if $r$ belonged to an exponent
smaller than $\phi(2p^n)$ modulo $2p^n$, it would belong to that exponent
modulo $p^n$.

Moreover, if $r$ is an even primitive root of $p^n$, the integer $r + p^n$, which
is also a primitive root of $p^n$ because it is in the same residue class as $r$
modulo $p^n$, is odd and is of necessity a primitive root of $2p^n$.

We have shown, therefore, that a primitive root of $p^n$ is a primitive
root of $2p^n$ if and only if it is an odd integer.

It is evident, furthermore, that two odd primitive roots of $p^n$ that are
in the same residue class modulo $p^n$ are congruent modulo $2p^n$. On the
other hand, if two of the $\phi(\phi(p^n))$ odd primitive roots modulo $p^n$ selected
one from each of the residue classes modulo $p^n$ were congruent modulo
$2p^n$, they would be congruent modulo $p^n$. There are, therefore, exactly
$\phi(\phi(2p^n))$ incongruent primitive roots of $2p^n$.

Example. We have shown that 3 is a primitive root of $17^2$. It is also
a primitive root of $2(17^2) = 578$, for it is odd.

In like manner $3^3$ and $3^5$ are primitive roots of 578. But
$3^7 \equiv 166 \pmod{289}$ and is, therefore, an even primitive root of 289. It is not a
primitive root of 578, but the odd number $166 + 289 = 455$, which is in
the same class as 166 modulo 289, is a primitive root of 578. Again,
$3^9 \equiv 49 \pmod{289}$ is a primitive root of 578, and although $3^{11} \equiv 152 \pmod{289}$
is not a primitive root of 578, it yields $152 + 289 = 441$, which is. There
are in all $\phi(272) = 128$ incongruent primitive roots of 578.
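The constructions in the proofs of Theorems 7-9 and 7-10, as an added example that is not part of the original text: a primitive root $a$ of $p$ is kept if $a^{p-1} \not\equiv 1 \pmod{p^2}$ and replaced by $a + p$ (the choice $k = 1$) otherwise, and an even primitive root of $p^n$ is replaced by $r + p^n$ for the modulus $2p^n$. The moduli 29 and 11 and the function names are choices of this sketch, not of the text.

```python
def belongs_to(r, m, d):
    """True when r belongs to d modulo m, checked directly on the powers of r."""
    x = 1
    for e in range(1, d + 1):
        x = x * r % m
        if x == 1:
            return e == d         # the first power congruent to 1 must be the d-th
    return False

def phi_prime_power(p, n):
    """phi(p^n) = p^(n-1) (p - 1)."""
    return p ** (n - 1) * (p - 1)

def lift_to_prime_powers(a, p):
    """From a primitive root a of the odd prime p, return r = a + kp that is a
    primitive root of every p^n (Theorem 7-9), using k = 0 or k = 1."""
    if not belongs_to(a, p, p - 1):
        raise ValueError("a is not a primitive root of p")
    if pow(a, p - 1, p * p) != 1:
        return a                  # a^(p-1) is not 1 modulo p^2: a itself serves
    return a + p                  # k = 1 is prime to p, so (a + p)^(p-1) is not 1

def root_for_2pn(r, p, n):
    """From a primitive root r of p^n, return a primitive root of 2 p^n (Theorem 7-10)."""
    m = p ** n
    r %= m
    return r if r % 2 == 1 else r + m   # an even root is replaced by r + p^n

if __name__ == "__main__":
    print(lift_to_prime_powers(3, 17), pow(3, 16, 289))
    print(lift_to_prime_powers(14, 29), pow(14, 28, 29 * 29))
    print(root_for_2pn(2, 11, 2))
```

Here 14 is a primitive root of 29 with $14^{28} \equiv 1 \pmod{29^2}$, so it must be replaced by 43 before it serves for the higher powers of 29.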

EXERCISES 

1.  Find  all  the  primitive  roots  of  50  and  250. 

2.  Find  the  primitive  roots  of  98.  Determine  the  integers  that  belong  to  the 
exponent  3  modulo  98.     Find  a  primitive  root  of  686. 

3. Prove that the congruence $x^{\phi(2p^n)} \equiv 1 \pmod{2p^n}$ has exactly $\phi(2p^n)$ solutions
modulo $2p^n$ if $p$ is an odd prime.

4. If $r$ is a primitive root of $2p^n$, $p$ being an odd prime, show that $r^s$ belongs to
$\phi(2p^n)$ if and only if $(s, \phi(2p^n)) = 1$. Prove, furthermore, that if $(s, \phi(2p^n)) = d$, then
$r^s$ belongs to $\phi(2p^n)/d$ modulo $2p^n$.

5. Show that if $p$ is an odd prime, the product of two primitive roots modulo $2p^n$ is
not a primitive root of $2p^n$.

7-7. Primitive $\lambda$ Roots. R. Carmichael called integers that belong to
$\lambda(m)$ for the modulus $m$ "primitive $\lambda$ roots of $m$."*

When $m = 2^n$, where $n > 2$, the integer 3 always belongs to $\lambda(2^n) = 2^{n-2}$
modulo $2^n$, for if 3 belonged to a smaller exponent, $3^{2^{n-3}}$ would have to be
congruent to 1 modulo $2^n$. That this relation is not true is evident from the
following argument: According to the binomial expansion,

$$(2^2 - 1)^{2^{n-3}} \equiv 1 - 2^{n-3} \cdot 2^2 + 2^{n-4}(2^{n-3} - 1)2^4 - \cdots + 2^{2^{n-2}} \pmod{2^n}$$

so that, for $n > 3$,

$$3^{2^{n-3}} \equiv 1 - 2^{n-1} \pmod{2^n}$$

and hence in this case $3^{2^{n-3}} \not\equiv 1 \pmod{2^n}$. When $n = 3$, $\lambda(2^3) = 2$ and
it is obvious that 3 belongs to 2 modulo $2^3$.

Because a primitive root is necessarily a primitive $\lambda$ root, we have now
shown that there is a primitive $\lambda$ root for every modulus of the form $p^n$
with $p$ a prime. On this basis R. Carmichael proved by induction that
there is always a primitive $\lambda$ root of $m$. He showed that if $r_1$ is a primitive
$\lambda$ root of $m_1 = p_1^{n_1} p_2^{n_2} \cdots p_{k-1}^{n_{k-1}}$ and $r_2$ is a primitive $\lambda$ root of
$p_k^{n_k}$, where the $p_i$, with $i = 1, 2, \ldots, k$, are distinct primes, then an
integer $r$ that satisfies both the congruences

$$x \equiv r_1 \pmod{m_1}$$
and
$$x \equiv r_2 \pmod{p_k^{n_k}}$$

is a primitive $\lambda$ root of $m = m_1 p_k^{n_k}$. To show that this statement is true,
suppose that $r$ belongs to $s$ for the modulus $m$. Then

$$r^s \equiv 1 \pmod{m_1}$$
and
$$r^s \equiv 1 \pmod{p_k^{n_k}}$$

But $r$ belongs to $\lambda(m_1)$ modulo $m_1$ and to $\lambda(p_k^{n_k})$ for the modulus $p_k^{n_k}$.
Therefore, both $\lambda(m_1)$ and $\lambda(p_k^{n_k})$ divide $s$. This means that the smallest
$s$ can be is the least common multiple of $\lambda(m_1)$ and $\lambda(p_k^{n_k})$. This integer
is exactly $\lambda(m)$. It is true, moreover, that $r^{\lambda(m)} \equiv 1 \pmod{m}$ since
$(r, m) = 1$. Therefore, $r$ is a primitive $\lambda$ root modulo $m$.

* R. Carmichael, Bull. Am. Math. Soc., Vol. 16, No. 2, pp. 232-238, 1909-1910.

Carmichael also showed that when $r$ is a primitive $\lambda$ root of $m$, the
powers of $r$ whose exponents are prime to $\lambda(m)$ give $\phi(\lambda(m))$ incongruent
primitive $\lambda$ roots of $m$, and the product of these $\lambda$ roots is congruent to
1 modulo $m$. These powers of $r$ do not necessarily yield all the primitive
$\lambda$ roots of $m$, but the same powers of another primitive $\lambda$ root will either
repeat in some order the results obtained from $r$ or give $\phi(\lambda(m))$ different
primitive $\lambda$ roots of $m$ distinct from those generated by $r$.

Although the theory of numbers is a branch of mathematics that we
evaluate on the basis of the profundity of its truths and the variety and
simplicity of its methods rather than on its applicability to practical
problems, yet it is interesting to observe that in 1935 H. P. Lawther
showed how the theory of primitive roots and primitive $\lambda$ roots can be
applied to the problem of splicing telephone cables.*

Example. To find a primitive $\lambda$ root of 21, we first find a primitive
root of 7 and also of 3. It can be easily verified that 3 belongs to 6
modulo 7 and that 2 belongs to 2 modulo 3. We then find the common
solution of the congruences

$$x \equiv 3 \pmod{7}$$
$$x \equiv 2 \pmod{3}$$

The solution is $x \equiv 17 \pmod{21}$, and this integer is a primitive $\lambda$ root of 21.
If we now find the powers of 17 that have exponents prime to $\lambda(21) = 6$,
we have a set of $\phi(6) = 2$ primitive $\lambda$ roots of 21. They are 17 and
$17^5 \equiv 5 \pmod{21}$.

There are but two incongruent primitive roots of 7, and they are 3 and
5. When we use the integer 5 with the only primitive root of 3 to form
the set of congruences

$$x \equiv 5 \pmod{7}$$
$$x \equiv 2 \pmod{3}$$

we find that the solution is $x \equiv 5 \pmod{21}$. But the set of powers, 5 and
$5^5$, repeat the two primitive $\lambda$ roots of 21 already found. This situation,
however, does not mean that there are no other primitive $\lambda$ roots of 21,
for the number 2 belongs to 6 modulo 21. Moreover, 2 and $2^5 \equiv 11 \pmod{21}$
form a new set of two primitive $\lambda$ roots of 21.

* H. P. Lawther, Jr., Am. Math. Monthly, Vol. 42, No. 2, pp. 81-91, 1935.

EXERCISES

1. Prove that if $r$ is a primitive $\lambda$ root of $m$, the powers of $r$ having exponents prime
to $\lambda(m)$ are primitive $\lambda$ roots of $m$.

2. Prove that if $\lambda(m) > 2$, the product of all the incongruent primitive $\lambda$ roots of $m$
is congruent to 1 modulo $m$.

7-8. Integers Belonging to a Divisor of $\lambda(2^n)$ Modulo $2^n$
*Theorem 7-11. If $n > 3$ and $d$, not 2, divides $2^{n-2}$, then there are
exactly $d$ incongruent integers that belong to $d$ modulo $2^n$, but if $d = 2$,
there are just three incongruent integers that belong to $d$ modulo $2^n$.

We have shown that the integer 3 is a primitive $\lambda$ root of $2^n$ if $n > 3$.
On this basis we shall show that for the modulus $2^n$ any integer having
the form $8k \pm 3$ cannot belong to an exponent smaller than $2^{n-2}$. If
$n > 3$,

$$(8k \pm 3)^{2^{n-3}} = (3 \pm 8k)^{2^{n-3}} \equiv 3^{2^{n-3}} \pm 2^{n-3}(3)^{2^{n-3}-1}(2^3 k) + \cdots \pm 2^{n-3} \cdot 3(2^3 k)^{2^{n-3}-1} + (2^3 k)^{2^{n-3}} \pmod{2^n}$$

Hence,

$$(8k \pm 3)^{2^{n-3}} \equiv 3^{2^{n-3}} \pmod{2^n}$$

But since $3^{2^{n-3}} \not\equiv 1 \pmod{2^n}$, $8k \pm 3$ belongs to $2^{n-2}$ modulo $2^n$ if $n > 3$.
Consequently, in this case there are at least $2^{n-2}$ integers belonging to
$\lambda(2^n)$ modulo $2^n$, for, in the expression $8k + 3$, $k$ can have the values
$0, 1, 2, \ldots, 2^{n-3} - 1$ and, in $8k - 3$, $k$ can be $1, 2, \ldots, 2^{n-3}$, thereby
yielding all positive integers of the required form that are less than $2^n$.

If $n = 3$, it is obvious that 3 and 5 belong to $\lambda(2^3) = 2$ modulo $2^3$.
But besides these two integers the integer $7 = 2^3 - 1$ is a primitive
$\lambda$ root of $2^3$. Consequently, three incongruent integers belong to $\lambda(2^3)$
modulo $2^3$.

Again, if $n > 3$, we can prove that for the modulus $2^n$ all integers
having the form $8k \pm 1$, in which $k$ is prime to 2, belong to the exponent
$2^{n-3}$, for

$$(8k \pm 1)^{2^{n-3}} \equiv 1 \pm 2^{n-3}(2^3 k) + \cdots + (2^3 k)^{2^{n-3}} \pmod{2^n}$$
$$\equiv 1 \pmod{2^n}$$

On the other hand, if $n > 4$,

$$(8k \pm 1)^{2^{n-4}} \equiv 1 \pm 2^{n-4}(2^3 k) + 2^{n-5}(2^{n-4} - 1)(2^3 k)^2 \pm \cdots + (2^3 k)^{2^{n-4}} \pmod{2^n}$$
$$\equiv 1 \pm 2^{n-1}k \pmod{2^n}$$

Hence, if $(k, 2) = 1$ and $n > 4$, the integers $8k \pm 1$ belong to the exponent
$2^{n-3}$ modulo $2^n$. Moreover, in this case values of $k$ that are prime
to 2 can be chosen from the integers $1, 2, 3, \ldots, 2^{n-3}$ in $\phi(2^{n-3})$ ways,
and thus the form $8k \pm 1$ yields $2\phi(2^{n-3}) = 2^{n-3}$ integers from 1 through
$2^n$ that belong to $2^{n-3}$ modulo $2^n$. But if $n = 4$, not only the integers 9
and 7 belong to 2 modulo $2^4$, but also $2^4 - 1 = 15$ belongs to 2 modulo $2^4$.
We observe, moreover, that if $k = 2r$ with $(r, 2) = 1$,

$$(8k \pm 1)^{2^{n-4}} \equiv 1 \pmod{2^n}$$

and that $2^4 r \pm 1$ must, therefore, belong to an exponent which is a
divisor of $2^{n-4}$ for this modulus.

Similarly, we find that, for $n > s > 3$,

$$(2^s r \pm 1)^{2^{n-s}} \equiv 1 \pm 2^{n-s}(2^s r) + \cdots + (2^s r)^{2^{n-s}} \pmod{2^n}$$
$$\equiv 1 \pmod{2^n}$$

If, in addition, $(r, 2) = 1$ and $n > s + 1$,

$$(2^s r \pm 1)^{2^{n-s-1}} \equiv 1 \pm 2^{n-s-1}(2^s r) + 2^{n-s-2}(2^{n-s-1} - 1)(2^s r)^2 \pm \cdots + (2^s r)^{2^{n-s-1}} \pmod{2^n}$$
$$\equiv 1 \pm 2^{n-1}r \pmod{2^n}$$

so that in this case $2^s r \pm 1$ belongs to $2^{n-s}$ modulo $2^n$. There are then
$\phi(2^{n-s})$ ways of choosing $r$ prime to 2 so that the integers $2^s r \pm 1$ are
between 1 and $2^n$. Thus at least $2\phi(2^{n-s}) = 2^{n-s}$ incongruent integers
belong to $2^{n-s}$ modulo $2^n$ for $n > s + 1 > 4$.

But if $n = s + 1 > 4$, the integers $2^{n-1} \pm 1$ belong to 2 modulo $2^n$, and
it is also evident that $2^n - 1$ belongs to 2 modulo $2^n$. Consequently, for
$n > 4$, $2\phi(2) + 1 = 3$ incongruent integers belong to 2 modulo $2^n$.

It is, furthermore, apparent that 1 belongs to 1 modulo $2^n$ for $n > 3$.

Consequently, if $n > 3$, we have shown that, of the $2^{n-1}$ integers 1
through $2^n$ that are prime to 2,

$2^{n-2}$ of them belong to $2^{n-2}$ modulo $2^n$
$2\phi(2^{n-3}) = 2^{n-3}$ belong to $2^{n-3}$
$2\phi(2^{n-4}) = 2^{n-4}$ belong to $2^{n-4}$


$2\phi(2^{n-s}) = 2^{n-s}$ belong to $2^{n-s}$

$2\phi(2) + 1 = 3$ belong to 2
1 belongs to 1 modulo $2^n$

But $1 + 3 + 2^2 + 2^3 + \cdots + 2^{n-2} = 2^{n-1}$, and we have thereby
accounted for all the $2^{n-1}$ positive integers less than $2^n$ and prime to 2.
Therefore, the number of integers given in each case is exactly the number
of incongruent integers that belong to the specified exponent modulo $2^n$
when $n > 3$.

When $n = 3$, three incongruent integers belong to 2 and one belongs
to 1 modulo $2^3$.

Corollary. The congruence $x^{2^k} \equiv 1 \pmod{2^n}$, where $0 < k < n - 2$,
has $2^{k+1}$ solutions if $n > 2$.

Theorem 7-11 shows that the congruence $x^2 \equiv 1 \pmod{2^n}$, for $n > 2$,
has $2^2$ solutions modulo $2^n$ since the solutions must be prime to 2 and
belong to the divisors of 2. For a like reason $x^{2^k} \equiv 1 \pmod{2^n}$, with
$1 < k < n - 2$, has $1 + 3 + 2^2 + 2^3 + \cdots + 2^k = 2^{k+1}$ solutions
modulo $2^n$ if $n > 2$.

*Theorem 7-12. If $d$ is a divisor of $\lambda(2^n)$ and $n = 0$, 1, or 2, there is
exactly one positive integer less than $2^n$ that belongs to $d$ modulo $2^n$.

7-9. Integers Belonging to a Divisor of $\phi(p^n)$ Modulo $p^n$
*Theorem 7-13. If $p$ is an odd prime and $d$ is a divisor of $\phi(p^n)$,
where $n > 1$, there is an integer that belongs to $d$ modulo $p^n$.

If $d \mid \phi(p^n)$, $d = kp^u$, where $k$ is a divisor of $p - 1$ and $0 < u < n - 1$.

Take an integer $a$ that belongs to $k$ modulo $p$. Then $a^k \equiv 1 \pmod{p}$.
If $a^k \equiv 1 \pmod{p^2}$, there is an integer $r$ that is congruent to $a$ modulo $p$
and is such that $r^k \not\equiv 1 \pmod{p^2}$, for

$$(a + mp)^k \equiv a^k + ka^{k-1}mp + \cdots + (mp)^k \pmod{p^2}$$
$$\equiv 1 + ka^{k-1}mp \pmod{p^2}$$

Hence, if $(m, p) = 1$,

$$(a + mp)^k \not\equiv 1 \pmod{p^2}$$

Therefore, let $r = a + mp$. Then $r$ belongs to $k$ modulo $p$, and
$r^k = 1 + cp$ with $(c, p) = 1$. Keeping in mind that the exponent to which $r$
belongs modulo $p^n$ has the factor $k$, we see that for $n > 2$ and $(w, p) = 1$,

$$(r^k)^{wp^{n-2}} \equiv (1 + cp)^{wp^{n-2}} \pmod{p^n}$$
and
$$(r^k)^{wp^{n-2}} \equiv 1 + wcp^{n-1} \pmod{p^n}$$
$$\not\equiv 1 \pmod{p^n}$$
But
$$(r^k)^{p^{n-1}} \equiv 1 \pmod{p^n}$$

Therefore, $r$ belongs to $kp^{n-1}$ modulo $p^n$ when $n > 1$.
Furthermore, if $a$ belongs to $k$ modulo $p$ and

$$a^k \equiv 1 \pmod{p^{s-1}}$$
but
$$a^k \not\equiv 1 \pmod{p^s}$$

there is an $r \equiv a \pmod{p^i}$, where $i = 1, 2, \ldots, s - 1$, such that

$$r^k \equiv 1 \pmod{p^s},$$

for since $a^k = 1 - tp^{s-1}$ with $(t, p) = 1$,

$$(a + mp^{s-1})^k \equiv a^k + ka^{k-1}mp^{s-1} \pmod{p^s}$$
$$\equiv 1 - tp^{s-1} + ka^{k-1}mp^{s-1} \pmod{p^s}$$

But an integer $m$ prime to $p$ can be so chosen that

$$ka^{k-1}mp^{s-1} \equiv tp^{s-1} \pmod{p^s}$$

for this congruence is equivalent to

$$ka^{k-1}m \equiv t \pmod{p}$$
Hence,
$$(a + mp^{s-1})^k \equiv 1 \pmod{p^s}$$

Let $r = a + mp^{s-1}$. Then $r$ belongs to the exponent $k$ for each $p^i$, where
$i = 1, 2, \ldots, s$.

In like manner if $r^k \equiv 1 \pmod{p^{s+1}}$, we can find an integer $v = r + gp^s$
with $(g, p) = 1$ such that

$$(r + gp^s)^k \not\equiv 1 \pmod{p^{s+1}}$$

This $v$ is in the class with $r$ for each of the moduli $p^i$, where $i = 1, 2,
\ldots, s$, and hence $v$ belongs to $k$ for each of these moduli. Furthermore,
since $v^k = 1 + cp^s$ with $(c, p) = 1$, if $(w, p) = 1$ and $n > s$,

$$(v^k)^{wp^{n-s-1}} \equiv (1 + cp^s)^{wp^{n-s-1}} \pmod{p^n}$$
$$\equiv 1 + wcp^{n-1} \pmod{p^n}$$
$$\not\equiv 1 \pmod{p^n}$$
but
$$(v^k)^{p^{n-s}} \equiv 1 \pmod{p^n}$$

Therefore, $v$ belongs to $kp^{n-s}$ modulo $p^n$ for $n > s > 0$. This result
implies that there is always an integer that belongs to a divisor of $\phi(p^n)$
modulo $p^n$.

*Theorem 7-14. If $d$ is a divisor of $\phi(p^n)$, there are exactly $\phi(d)$
incongruent integers that belong to $d$ modulo $p^n$.

We have proved that there is an integer $a$ that belongs to $d$ modulo $p^n$.
As a result it is clear that the integers $a, a^2, \ldots, a^d$ satisfy

$$x^d \equiv 1 \pmod{p^n}$$

Moreover, $a^s$, where $s = 1, 2, \ldots, d$, belongs to $d$ modulo $p^n$ if and only
if $(s, d) = 1$. Therefore, $\phi(d)$ of the above powers of $a$ belong to $d$
modulo $p^n$. Consequently, if $\psi(d)$ is the number of incongruent integers
that belong to $d$ modulo $p^n$, $\psi(d) \ge \phi(d)$. However, every integer from 1
through $p^n$ that is prime to $p$ belongs to just one divisor of $\phi(p^n)$ modulo
$p^n$, and so

$$\psi(d_1) + \psi(d_2) + \cdots + \psi(d_m) = p^{n-1}(p - 1)$$

where the $d_i$, with $i = 1, 2, \ldots, m$, are the divisors of $\phi(p^n)$. Moreover,

$$\phi(d_1) + \phi(d_2) + \cdots + \phi(d_m) = p^{n-1}(p - 1)$$

and hence each $\psi(d_i) = \phi(d_i)$.

7-10. Integers Belonging to a Divisor of $\phi(2p^n)$ Modulo $2p^n$
*Theorem 7-15. There are exactly $\phi(d)$ incongruent integers modulo
$2p^n$ that belong to any divisor $d$ of $\phi(2p^n)$ modulo $2p^n$.

If $r$ belongs to $\phi(2p^n)$ modulo $2p^n$, the incongruent integers modulo
$2p^n$ that satisfy the congruence

$$x^{\phi(2p^n)} \equiv 1 \pmod{2p^n}$$

are $r, r^2, \ldots, r^{\phi(2p^n)}$. These are all the integers from 1 through $2p^n$
that are prime to $2p^n$. In the manner previously employed we can show
that $r^s$ is a primitive root of $2p^n$ if and only if $(s, \phi(2p^n)) = 1$, and that
if $(s, \phi(2p^n)) = d \ne 1$, $r^s$ belongs to $\phi(2p^n)/d$ modulo $2p^n$. There is,
then, always at least one integer $r^s$ that belongs to any divisor of $\phi(2p^n)$
modulo $2p^n$, for as $s$ takes the values $1, 2, \ldots, \phi(2p^n)$, the integer
$d = (s, \phi(2p^n))$ ranges over all divisors of $\phi(2p^n)$ and so does $\phi(2p^n)/d$.
But if $b$ belongs to $d$, a divisor of $\phi(2p^n)$, modulo $2p^n$, then

$$(b^d)^{\phi(2p^n)/d} = b^{\phi(2p^n)} \equiv 1 \pmod{2p^n}$$

and $b$ satisfies the congruence $x^{\phi(2p^n)} \equiv 1 \pmod{2p^n}$ and is, therefore,
congruent to a power of $r$ modulo $2p^n$. Consequently, all integers that belong
to $d$ modulo $2p^n$ are congruent modulo $2p^n$ to just one integer of the set
$r, r^2, r^3, \ldots, r^{\phi(2p^n)}$. By choosing $s$ so that $(s, \phi(2p^n)) = \phi(2p^n)/d$, $r^s$
will belong to $d$ modulo $2p^n$. But there are exactly $\phi(d)$ integers $s$ in the
set $1, 2, 3, \ldots, \phi(2p^n)$ that have with $\phi(2p^n)$ the greatest common
divisor $\phi(2p^n)/d$. Hence, exactly $\phi(d)$ incongruent integers belong to
$d$ modulo $2p^n$.

7-11. Integers Belonging to a Divisor of $\lambda(m)$ Modulo $m$. One of the
author's students, Bernard Sussman, and the author have developed the
following proof of a method for finding not only all the primitive $\lambda$ roots
of $m$ but also all the integers that belong to any divisor of $\lambda(m)$ modulo


It has been shown thus far that if $m = \prod_{j=0}^{r} p_j^{n_j}$, a primitive $\lambda$ root $a_j$ can
be determined for each of the moduli $p_j^{n_j}$ and the common solution of the
set of congruences

$$x \equiv a_j \pmod{p_j^{n_j}} \qquad j = 0, 1, \ldots, r \qquad (1)$$

is a primitive $\lambda$ root of $m$. We have seen, moreover, that this common
solution $X$ generates by means of its powers $X^v$, with $v$ prime to $\lambda(m)$,
exactly $\phi(\lambda(m))$ incongruent primitive $\lambda$ roots of $m$. If there is a primitive
$\lambda$ root of $m$ distinct from those already found, that too will generate
$\phi(\lambda(m))$ incongruent primitive $\lambda$ roots of $m$ none of which is in a preceding
set. Thus the number of incongruent primitive $\lambda$ roots of $m$ is a
multiple of $\phi(\lambda(m))$, but it is our problem to find this multiple and to
show how to determine all the primitive $\lambda$ roots modulo $m$.

* R. Carmichael, Quart. J. Math., Vol. 44, pp. 94-104, 1913.

Let $\psi(d) \pmod{2^n}$ be the number of incongruent integers that belong to
$d$, a divisor of $\lambda(2^n)$, for the modulus $2^n$. Then if we understand that
$p_0 = 2$, the number of $a_0$ that can be used in the congruences (1) is
$\psi(\lambda(2^{n_0})) \pmod{2^{n_0}}$ and the number of $a_j$, where $j = 1, 2, \ldots, r$, is
$\phi(\lambda(p_j^{n_j}))$. Consequently, there are

$$\psi(\lambda(2^{n_0})) \pmod{2^{n_0}} \prod_{j=1}^{r} \phi(\lambda(p_j^{n_j}))$$

sets of congruences (1), each set having a single solution modulo $m$, and
each of these solutions is a distinct primitive $\lambda$ root modulo $m$.

But the primitive $\lambda$ roots so determined are not necessarily all that
exist. Let $d_{ij}$, where $i = 1, 2, \ldots, q_j$, represent the $q_j$ divisors of $\lambda(p_j^{n_j})$.
Choose any set of $r + 1$ divisors $d_{ij}$ of the $\lambda(p_j^{n_j})$, where $j = 0, 1, 2, \ldots,
r$, that contains exactly one divisor of each $\lambda(p_j^{n_j})$ and such that the least
common multiple of the $d_{ij}$ is the number $\lambda(m)$. Then find integers $t_{ij}$
that belong to the $d_{ij}$ modulo $p_j^{n_j}$, and find the common solution $Y$
modulo $m$ of the set of congruences

$$y \equiv t_{ij} \pmod{p_j^{n_j}} \qquad j = 0, 1, 2, \ldots, r \qquad (2)$$

This integer $Y$ is a primitive $\lambda$ root modulo $m$, for it is evident that

$$Y^{\lambda(m)} \equiv 1 \pmod{p_j^{n_j}}$$
and that
$$Y^{\lambda(m)} \equiv 1 \pmod{m}$$

But if $Y$ belonged to an exponent $u < \lambda(m)$ modulo $m$, then $Y^u \equiv 1 \pmod{m}$
and $Y^u \equiv 1 \pmod{p_j^{n_j}}$, where $j = 0, 1, 2, \ldots, r$. Thus $u$
would be divisible by each $d_{ij}$, and hence by their least common multiple,
which is $\lambda(m)$. Therefore, $u$ is not less than $\lambda(m)$, and $Y$ belongs to $\lambda(m)$
modulo $m$. It is evident also that if there are $k_{ij}$ integers $t_{ij}$ that belong
to $d_{ij}$ modulo $p_j^{n_j}$, there will be $\prod_{j=1}^{r} k_{ij}$ congruences (2) for one choice of
the $d_{ij}$. Consequently, there are exactly $\psi(d_{i0}) \pmod{2^{n_0}} \prod_{j=1}^{r} \phi(d_{ij})$
incongruent primitive $\lambda$ roots of $m$ determined by one choice of the $d_{ij}$, where
$j = 0, 1, \ldots, r$, having least common multiple $\lambda(m)$, and this number
is obviously a multiple of $\phi(\lambda(m))$.

Each set of $\psi(d_{i0}) \pmod{2^{n_0}} \prod_{j=1}^{r} \phi(d_{ij})$ incongruent primitive $\lambda$ roots of $m$
separates without repetition of an element into subsets of $\phi(\lambda(m))$
integers. Each such subset is generated by the powers, with exponents
prime to $\lambda(m)$, of any member of the subset, for if $g_1$ and $g_2$ are primitive
$\lambda$ roots of $m$ determined by one selection of the $d_{ij}$, and if $g_2 \not\equiv g_1^t \pmod{m}$,
where $t$ is prime to $\lambda(m)$ and $0 < t < \lambda(m)$, and if

$$g_1^{s_1} \equiv g_2^{s_2} \pmod{m}$$

where $s_1$ and $s_2$ are prime to $\lambda(m)$, then

$$g_1^{s_1 t} \equiv g_2^{s_2 t} \pmod{m}$$

But because the powers of $g_2^{s_2}$ repeat the original $\phi(\lambda(m))$ roots generated
by $g_2$, for a certain $t$, say $t_1$,

$$g_1^{s_1 t_1} \equiv g_2^{s_2 t_1} \equiv g_2 \pmod{m}$$

This conclusion implies that our assumption is false. There will, therefore,
be exactly

$$\frac{\psi(d_{i0}) \pmod{2^{n_0}} \prod_{j=1}^{r} \phi(d_{ij})}{\phi(\lambda(m))}$$

such sets developed from each of $q$ distinct choices of $r + 1$ divisors $d_{ij}$,
where $i = 1, 2, \ldots, q_j$, $j = 1, 2, \ldots, r$, having the least common
multiple $\lambda(m)$. No primitive $\lambda$ root of $m$ generated by the powers of a
primitive $\lambda$ root $\beta$ that has been determined by one choice $d_{i_1 j}$ of the $d_{ij}$
can be found among the primitive $\lambda$ roots of $m$ determined by a distinct
set of divisors $d_{i_2 j}$, for the sets $d_{i_1 j}$ and $d_{i_2 j}$ differ by at least one divisor
corresponding to a $\lambda$ function of a power of a particular prime. Furthermore,
assuming that $d_{i_1 h}$ is distinct from $d_{i_2 h}$ and that $\beta$ belongs to $d_{i_1 h}$
modulo $p_h^{n_h}$ and $\gamma$ belongs to $d_{i_2 h}$ modulo $p_h^{n_h}$, let us suppose that
$\beta^v \equiv \gamma^w \pmod{m}$ with $v$ and $w$ prime to $\lambda(m)$. Then $\beta^v \equiv \gamma^w \pmod{p_h^{n_h}}$. But
$v$ and $w$ are prime to $\lambda(p_h^{n_h})$ and hence to the divisors of $\lambda(p_h^{n_h})$. However,

$$(\beta^v)^{d_{i_1 h}} = (\beta^{d_{i_1 h}})^v \equiv 1 \pmod{p_h^{n_h}}$$
Hence,
$$(\gamma^w)^{d_{i_1 h}} \equiv 1 \pmod{p_h^{n_h}}$$

and thus $d_{i_2 h}$ divides $w d_{i_1 h}$. Therefore, $d_{i_2 h}$ divides $d_{i_1 h}$. In like manner,
$d_{i_1 h}$ divides $d_{i_2 h}$, and finally $d_{i_1 h} = d_{i_2 h}$, which is contrary to our assumption.
If there are $q$ sets of divisors $d_{ij}$, the primitive $\lambda$ roots of $m$ determined by
them are, therefore, distinct modulo $m$.

But each integer which belongs to $\lambda(m)$ modulo $m$ and which is, therefore,
prime to each of the $p_j^{n_j}$ belongs to exactly one exponent that is a
divisor of $\lambda(p_j^{n_j})$ modulo $p_j^{n_j}$. Hence, from all possible choices of sets of
$r + 1$ positive integers $d_{ij}$, where $i = 1, 2, \ldots, q_j$, $j = 0, 1, 2, \ldots, r$,
for which the least common multiple of the $d_{ij}$ in a set is $\lambda(m)$, we find all
the incongruent primitive $\lambda$ roots modulo $m$, for if $a$ belongs to $\lambda(m)$
modulo $m$, then

$$a^{\lambda(p_j^{n_j})} \equiv 1 \pmod{p_j^{n_j}} \qquad j = 0, 1, \ldots, r$$

and hence $a$ belongs to an exponent $d_{ij}$ modulo $p_j^{n_j}$ that divides $\lambda(p_j^{n_j})$.
If, however, the least common multiple of these $d_{ij}$ were $u < \lambda(m)$, $a$
would belong to $u$ modulo $m$. Thus when $\psi(\lambda(m)) \pmod{m}$ is the number
of incongruent integers that belong to $\lambda(m)$ for the modulus $m$, we have:
*Theorem 7-16. If the $p_j$, where $j = 0, 1, 2, \ldots, r$, are distinct
primes, there are exactly

$$\psi(\lambda(m)) \pmod{m} = \sum_{q} \psi(d_{i0}) \pmod{2^{n_0}} \prod_{j=1}^{r} \phi(d_{ij})$$

incongruent primitive $\lambda$ roots modulo $m = \prod_{j=0}^{r} p_j^{n_j}$, where the summation
is taken over the number $q$ of distinct sets of $r + 1$ divisors $d_{ij}$, with
$i = 1, 2, \ldots, q_j$, of the $\lambda(p_j^{n_j})$ whose least common multiple is $\lambda(m)$
and where each of the $q$ sets contains just one divisor of each of the
$\lambda(p_j^{n_j})$. These primitive $\lambda$ roots of $m$ can be separated into subsets of
$\phi(\lambda(m))$ integers generated by any member of the subset.

It is, furthermore, obvious that the method with an analogous proof
holds for finding the integers that belong to any divisor of $\lambda(m)$ for the
modulus $m$.

Examples. At the end of Sec. 7-7 we showed that the primitive roots
of 7 and 3 yield exactly two distinct primitive $\lambda$ roots of 21. But it is
evident that $\lambda(21) = 6$ can be built up, not only as the least common
multiple of $\phi(7) = 6$ and $\phi(3) = 2$, but also as the least common multiple
of the factors 6 of $\phi(7)$ and 1 of $\phi(3)$, and again as the least common
multiple of the factors 3 of $\phi(7)$ and 2 of $\phi(3)$, and in no other way from
factors of $\phi(7)$ and $\phi(3)$.

Using the fact that 3 and 5 belong to 6 modulo 7 and that 1 belongs to
1 modulo 3, the sets of congruences

    $x \equiv 3 \pmod{7}$        $x \equiv 5 \pmod{7}$
    $x \equiv 1 \pmod{3}$        $x \equiv 1 \pmod{3}$

show that 10 and 19 are primitive $\lambda$ roots of 21. Notice that the powers
of 10 yield $\phi(\lambda(21)) = 2$ primitive $\lambda$ roots of 21, and they are 10 and
$10^5 \equiv 19 \pmod{21}$.

The integers 2 and 4 belong to 3 modulo 7, and 2 belongs to 2 modulo 3.
Therefore, the sets of congruences to be solved are

    $x \equiv 2 \pmod{7}$        $x \equiv 4 \pmod{7}$
    $x \equiv 2 \pmod{3}$        $x \equiv 2 \pmod{3}$

Their solutions are $x \equiv 2$, $x \equiv 11 \pmod{21}$, respectively, and again we
observe that $2^5 \equiv 11 \pmod{21}$. There are then but three sets of two
primitive $\lambda$ roots of 21, and therefore exactly six incongruent integers that
belong to 6 modulo 21.

As a second example consider the problem of finding the primitive
$\lambda$ roots of $168 = 2^3 \cdot 3 \cdot 7$. Since $\lambda(2^3) = 2$, $\lambda(3) = 2$, and $\lambda(7) = 6$, we
must determine all possible ways in which $\lambda(168) = 6$ can be set up as the
least common multiple of one factor of $\lambda(2^3)$, one factor of $\lambda(3)$, and one
factor of $\lambda(7)$. These sets of factors are listed in the following table.

Case    Factors of        Factors of       Factors of       Number of incongruent primitive
        $\lambda(2^3)$    $\lambda(3)$     $\lambda(7)$     $\lambda$ roots of 168 determined

(1)     2                 2                6                6
(2)     1                 1                6                2
(3)     1                 2                6                2
(4)     2                 1                6                6
(5)     1                 2                3                2
(6)     2                 1                3                6
(7)     2                 2                3                6

Case 1. The sets of congruences to be satisfied are

    $x \equiv 3 \pmod{8}$        $x \equiv 3 \pmod{8}$
    $x \equiv 2 \pmod{3}$        $x \equiv 2 \pmod{3}$
    $x \equiv 3 \pmod{7}$        $x \equiv 5 \pmod{7}$

    $x \equiv 5 \pmod{8}$        $x \equiv 5 \pmod{8}$
    $x \equiv 2 \pmod{3}$        $x \equiv 2 \pmod{3}$
    $x \equiv 3 \pmod{7}$        $x \equiv 5 \pmod{7}$

    $x \equiv 7 \pmod{8}$        $x \equiv 7 \pmod{8}$
    $x \equiv 2 \pmod{3}$        $x \equiv 2 \pmod{3}$
    $x \equiv 3 \pmod{7}$        $x \equiv 5 \pmod{7}$

The primitive $\lambda$ roots of 168 so determined are 59, 131, 101, 5, 143,
and 47, respectively, and they occur in sets of $\phi(6) = 2$, which are
5 and $5^5 \equiv 101 \pmod{168}$; 47 and $47^5 \equiv 143 \pmod{168}$; and 59 and
$59^5 \equiv 131 \pmod{168}$.

Case 2. The congruences are

    $x \equiv 1 \pmod{8}$        $x \equiv 1 \pmod{8}$
    $x \equiv 1 \pmod{3}$        $x \equiv 1 \pmod{3}$
    $x \equiv 3 \pmod{7}$        $x \equiv 5 \pmod{7}$

The solutions are $x \equiv 73$ and $x \equiv 73^5 \equiv 145 \pmod{168}$.

Case 3. The congruences are

    $x \equiv 1 \pmod{8}$        $x \equiv 1 \pmod{8}$
    $x \equiv 2 \pmod{3}$        $x \equiv 2 \pmod{3}$
    $x \equiv 3 \pmod{7}$        $x \equiv 5 \pmod{7}$

The solutions are $x \equiv 17$ and $x \equiv 17^5 \equiv 89 \pmod{168}$.

Case 4. The congruences are

    $x \equiv 3 \pmod{8}$        $x \equiv 3 \pmod{8}$
    $x \equiv 1 \pmod{3}$        $x \equiv 1 \pmod{3}$
    $x \equiv 3 \pmod{7}$        $x \equiv 5 \pmod{7}$

    $x \equiv 5 \pmod{8}$        $x \equiv 5 \pmod{8}$
    $x \equiv 1 \pmod{3}$        $x \equiv 1 \pmod{3}$
    $x \equiv 3 \pmod{7}$        $x \equiv 5 \pmod{7}$

    $x \equiv 7 \pmod{8}$        $x \equiv 7 \pmod{8}$
    $x \equiv 1 \pmod{3}$        $x \equiv 1 \pmod{3}$
    $x \equiv 3 \pmod{7}$        $x \equiv 5 \pmod{7}$

The solutions modulo 168 are 115, 19, 157, 61, 31, and 103, respectively,
and they form the sets 19 and $19^5 \equiv 115 \pmod{168}$; 31 and
$31^5 \equiv 103 \pmod{168}$; 61 and $61^5 \equiv 157 \pmod{168}$.

Case 5. The congruences are

    $x \equiv 1 \pmod{8}$        $x \equiv 1 \pmod{8}$
    $x \equiv 2 \pmod{3}$        $x \equiv 2 \pmod{3}$
    $x \equiv 2 \pmod{7}$        $x \equiv 4 \pmod{7}$

The solutions are $x \equiv 65$ and $x \equiv 65^5 \equiv 137 \pmod{168}$.

Case 6. The congruences are

    $x \equiv 3 \pmod{8}$        $x \equiv 3 \pmod{8}$
    $x \equiv 1 \pmod{3}$        $x \equiv 1 \pmod{3}$
    $x \equiv 2 \pmod{7}$        $x \equiv 4 \pmod{7}$

    $x \equiv 5 \pmod{8}$        $x \equiv 5 \pmod{8}$
    $x \equiv 1 \pmod{3}$        $x \equiv 1 \pmod{3}$
    $x \equiv 2 \pmod{7}$        $x \equiv 4 \pmod{7}$

    $x \equiv 7 \pmod{8}$        $x \equiv 7 \pmod{8}$
    $x \equiv 1 \pmod{3}$        $x \equiv 1 \pmod{3}$
    $x \equiv 2 \pmod{7}$        $x \equiv 4 \pmod{7}$

The solutions modulo 168 are 163, 67, 37, 109, 79, and 151. They form
the sets 37 and $37^5 \equiv 109 \pmod{168}$; 67 and $67^5 \equiv 163 \pmod{168}$; 79 and
$79^5 \equiv 151 \pmod{168}$.

Case 7. The congruences are

    $x \equiv 3 \pmod{8}$        $x \equiv 3 \pmod{8}$
    $x \equiv 2 \pmod{3}$        $x \equiv 2 \pmod{3}$
    $x \equiv 2 \pmod{7}$        $x \equiv 4 \pmod{7}$

    $x \equiv 5 \pmod{8}$        $x \equiv 5 \pmod{8}$
    $x \equiv 2 \pmod{3}$        $x \equiv 2 \pmod{3}$
    $x \equiv 2 \pmod{7}$        $x \equiv 4 \pmod{7}$

    $x \equiv 7 \pmod{8}$        $x \equiv 7 \pmod{8}$
    $x \equiv 2 \pmod{3}$        $x \equiv 2 \pmod{3}$
    $x \equiv 2 \pmod{7}$        $x \equiv 4 \pmod{7}$

The solutions modulo 168 are 107, 11, 149, 53, 23, and 95, and they form
the sets 11 and $11^5 \equiv 107 \pmod{168}$; 23 and $23^5 \equiv 95 \pmod{168}$; 53 and
$53^5 \equiv 149 \pmod{168}$.
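
The method of Sec. 7-11 can be carried out mechanically. The following is an added example, not part of the original text: it chooses one divisor of each $\lambda(p_j^{n_j})$ with least common multiple $\lambda(m)$, combines residues belonging to those divisors by the Chinese remainder theorem, and splits the result into the subsets generated by powers with exponents prime to $\lambda(m)$. All function names are hypothetical, and the brute-force order computation assumes a small modulus such as 21 or 168.

```python
from functools import reduce
from itertools import product
from math import gcd


def lcm_all(values):
    """Least common multiple of an iterable of positive integers."""
    return reduce(lambda a, b: a * b // gcd(a, b), values, 1)


def factorize(m):
    """Return {prime: exponent} by trial division (adequate for small m)."""
    factors, p = {}, 2
    while p * p <= m:
        while m % p == 0:
            factors[p] = factors.get(p, 0) + 1
            m //= p
        p += 1
    if m > 1:
        factors[m] = factors.get(m, 0) + 1
    return factors


def order(a, q):
    """Exponent to which a belongs modulo q; a must be prime to q."""
    k, x = 1, a % q
    while x != 1:
        x = x * a % q
        k += 1
    return k


def residues_by_exponent(q):
    """Map each exponent d to the residues prime to q that belong to d modulo q."""
    table = {}
    for a in range(1, q):
        if gcd(a, q) == 1:
            table.setdefault(order(a, q), []).append(a)
    return table


def crt(residues, moduli):
    """Common solution of x = residues[j] (mod moduli[j]); moduli pairwise prime."""
    x, m = 0, 1
    for r, q in zip(residues, moduli):
        x += m * ((r - x) * pow(m, -1, q) % q)  # lift x so that it also agrees with r mod q
        m *= q
    return x


def primitive_lambda_roots(m):
    """Return (lambda(m), cases): cases maps each admissible choice of divisors,
    one per prime-power modulus, to the primitive lambda roots that choice yields."""
    moduli = [p ** e for p, e in sorted(factorize(m).items())]
    tables = [residues_by_exponent(q) for q in moduli]
    lam = lcm_all(max(t) for t in tables)  # lambda(q) is the largest exponent modulo q
    cases = {}
    for choice in product(*(sorted(t) for t in tables)):
        if lcm_all(choice) != lam:
            continue  # this set of divisors does not have least common multiple lambda(m)
        pools = [t[d] for t, d in zip(tables, choice)]
        cases[choice] = sorted(crt(rs, moduli) for rs in product(*pools))
    return lam, cases


def power_sets(roots, lam, m):
    """Split roots into the subsets generated by powers with exponents prime to lam."""
    seen, sets = set(), []
    for g in sorted(roots):
        if g not in seen:
            subset = sorted({pow(g, v, m) for v in range(1, lam + 1) if gcd(v, lam) == 1})
            seen.update(subset)
            sets.append(subset)
    return sets


if __name__ == "__main__":
    lam, cases = primitive_lambda_roots(168)
    for choice, roots in sorted(cases.items()):
        # choice lists the divisors taken modulo 8, 3 and 7, in that order
        print(choice, len(roots), power_sets(roots, lam, 168))
```

For 168 the keys of `cases` are the seven rows of the table above, written as (divisor modulo 8, divisor modulo 3, divisor modulo 7).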

EXERCISES 


1. Find the primitive $\lambda$ roots of 32.

2.  Find  the  integers  that  belong  to  4  modulo  32. 

3.  Find  the  integers  that  belong  to  6  and  to  9  modulo  27. 

4.  Find  the  integers  that  belong  to  6  and  to  9  modulo  54. 

5. Find the primitive $\lambda$ roots of 72.


CHAPTER  8 
INDICES 


8-1. Indices for a Prime Modulus. When $p$ is a prime and $r$ is a
primitive root of $p$, we have shown that $r, r^2, \ldots, r^{p-1}$ are incongruent
modulo $p$. Hence, the power residues of $r$ modulo $p$ are in some order the
integers $1, 2, \ldots, p - 1$ and form a reduced residue system modulo $p$.
It is evident, then, that any integer $n$ that is prime to $p$ is congruent to
one of the above powers of $r$ for the modulus $p$. Thus

$$n \equiv r^s \pmod{p}$$

Gauss called the exponent $s$ of $r$ the index of $n$ modulo $p$ relative to the base $r$.
To express this idea, we write $s = \operatorname{ind}_r n$, but we usually omit the base $r$
when there is no danger of confusion as is true in the case of the
congruence $r^{\operatorname{ind} n} \equiv n \pmod{p}$.

As thus defined, the index of $n$ modulo $p$ is unique for the modulus
$p - 1$, for if

$$n \equiv r^s \equiv r^t \pmod{p}$$

and if $s > t$, then

$$r^{s-t} \equiv 1 \pmod{p}$$
and
$$s \equiv t \pmod{p - 1}$$

It is, therefore, convenient to use the least positive exponent $s$ such that
$n \equiv r^s \pmod{p}$ as the index of $n$ modulo $p$. Obviously the index of $n$
modulo 2 is useless.

Of course, the index of $n$ determined by the primitive root $r$ may be
different from that determined by another primitive root of $p$. For
instance, for the modulus 7, $\operatorname{ind}_3 2 \equiv 2 \pmod{6}$ but $\operatorname{ind}_5 2 \equiv 4 \pmod{6}$.

Theorem 8-1. If $m \equiv n \pmod{p}$, their indices relative to a particular
primitive root of a prime $p$ are the same modulo $p - 1$, and conversely.

The proof follows immediately from the fact that if $r$ is a primitive root
of $p$, the congruences $r^{\operatorname{ind} m} \equiv r^{\operatorname{ind} n} \pmod{p}$, and
$\operatorname{ind}_r m \equiv \operatorname{ind}_r n \pmod{p - 1}$ imply each other.

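Theorem 8-2. If $p$ is a prime, and $m$ and $n$ are prime to $p$, then
$\operatorname{ind}_r mn \equiv \operatorname{ind}_r m + \operatorname{ind}_r n \pmod{p - 1}$.

Since

$$n \equiv r^{\operatorname{ind} n} \pmod{p}$$

and

$$m \equiv r^{\operatorname{ind} m} \pmod{p}$$

it follows that

$$mn \equiv r^{\operatorname{ind} m + \operatorname{ind} n} \pmod{p}$$

But

$$mn \equiv r^{\operatorname{ind} mn} \pmod{p}$$

Therefore,

$$\operatorname{ind}_r mn \equiv \operatorname{ind}_r m + \operatorname{ind}_r n \pmod{p - 1}$$

Theorem 8-3. If $p$ is a prime and $n$ is prime to $p$, then
$\operatorname{ind}_r n^k \equiv k \operatorname{ind}_r n \pmod{p - 1}$.
If

$$n \equiv r^{\operatorname{ind} n} \pmod{p}$$
then

$$n^k \equiv r^{k \operatorname{ind} n} \pmod{p}$$
Also

$$n^k \equiv r^{\operatorname{ind} n^k} \pmod{p}$$

Hence,

$$\operatorname{ind}_r n^k \equiv k \operatorname{ind}_r n \pmod{p - 1}$$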

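It is evident from these laws that the index of an integer plays a role
which is analogous to that played by the logarithm of a number. This
analogy is further emphasized by the following formula for changing the
base of a system of indices from one primitive root of $p$ to another:

Theorem 8-4. If $p$ is a prime and $n$ is prime to $p$, then
$\operatorname{ind}_{r_1} n \equiv \operatorname{ind}_{r_2} n \operatorname{ind}_{r_1} r_2 \pmod{p - 1}$.

Let $r_1$ and $r_2$ be distinct primitive roots modulo $p$. Then

Hence, taking indices to the base $r_1$,

$$\operatorname{ind}_{r_1} n \operatorname{ind}_{r_1} r_1 \equiv \operatorname{ind}_{r_2} n \operatorname{ind}_{r_1} r_2 \pmod{p - 1}$$

or

$$\operatorname{ind}_{r_1} n \equiv \operatorname{ind}_{r_2} n \operatorname{ind}_{r_1} r_2 \pmod{p - 1}$$

Theorem 8-5. If $r_1$ and $r_2$ are primitive roots of $p$, a prime, then
$\operatorname{ind}_{r_1} r_2 \operatorname{ind}_{r_2} r_1 \equiv 1 \pmod{p - 1}$.

$$r_1^{\operatorname{ind}_{r_1} r_2} \equiv r_2 \pmod{p}$$
$$\operatorname{ind}_{r_1} r_2 \operatorname{ind}_{r_2} r_1 \equiv \operatorname{ind}_{r_2} r_2 \pmod{p - 1}$$
and

$$\operatorname{ind}_{r_1} r_2 \operatorname{ind}_{r_2} r_1 \equiv 1 \pmod{p - 1}$$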

If we construct a table of power residues of a primitive root r of p, we
can use indices in the solution of any congruences of the form
$ax^n \equiv b \pmod p$, with (a, p) = 1, for the theorems given above show that

$$\operatorname{ind} a + n \operatorname{ind} x \equiv \operatorname{ind} b \pmod{p-1}$$

Therefore,

$$n \operatorname{ind} x \equiv \operatorname{ind} b - \operatorname{ind} a \pmod{p-1}$$

and unless $d = (n, p - 1)$ divides $\operatorname{ind} b - \operatorname{ind} a$, no value of ind x
satisfies the last congruence, and consequently there is no solution of
$ax^n \equiv b \pmod p$. But if $d \mid (\operatorname{ind} b - \operatorname{ind} a)$, there are exactly d
incongruent values modulo $p - 1$ of ind x that satisfy
$n \operatorname{ind} x \equiv \operatorname{ind} b - \operatorname{ind} a \pmod{p-1}$. By letting $(p - 1)/d = m_0$ we can express these
incongruent solutions modulo $p - 1$ as

$$i,\ i + m_0,\ i + 2m_0,\ \ldots,\ i + (d - 1)m_0$$

Therefore,

$$x \equiv r^{i + km_0} \pmod p \qquad k = 0, 1, \ldots, d - 1$$

gives exactly d incongruent solutions modulo p of the given congruence.
By referring to a table of power residues of r, the d values of x are easily
determined.

Of course, this method of solving a congruence requires that we have
a table of indices for each prime that is used as a modulus. In 1839
Jacobi* constructed such tables of power residues for each prime and
power of a prime less than 1000. Since then men like Goldberg, Wertheim,
and Cunningham have contributed to the task of finding the power
residues of the least positive primitive root of every prime less than
10,160. M. Kraitchik† has listed a primitive root of each prime less than
25,000, but many errors have been found in his tables.

It  is  quite  evident  that,  instead  of  defining  the  index  of  an  integer  only 
in  the  case  of  a  prime  modulus,  we  might  have  used  any  other  modulus  m 
for  which  primitive  roots  exist,  for  in  these  cases  the  residues  of  the  powers 
of  a  primitive  root  likewise  form  a  reduced  residue  system  modulo  m. 
However,  tables  for  such  indices  are  less  frequently  available  than  are 
those  with  modulus  p,  a  prime.  They  are,  moreover,  not  essential 
because,  as  we  have  shown  in  Chap.  5,  we  can  reduce  the  solution  of  any 
congruence  to  the  problem  of  solving  congruences  with  prime  moduli. 

* L. E. Dickson, "History of the Theory of Numbers," Vol. 1, p. 185.
† Ibid., Vol. 1, p. 202.

Examples. 1. Solve: $5x \equiv 7 \pmod{11}$.

Using the primitive root 2 of 11, we set up the following table of
indices:

ind | 1   2   3   4   5   6   7   8   9   10
n   | 2   4   8   5   10  9   7   3   6   1

Then

$$\operatorname{ind} 5 + \operatorname{ind} x \equiv \operatorname{ind} 7 \pmod{10}$$

or

$$4 + \operatorname{ind} x \equiv 7 \pmod{10}$$

Therefore,

$$\operatorname{ind} x \equiv 3 \pmod{10}$$

and

$$x \equiv 8 \pmod{11}$$

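2. Solve: $7x^3 \equiv 3 \pmod{11}$.

$$\operatorname{ind} 7 + 3 \operatorname{ind} x \equiv \operatorname{ind} 3 \pmod{10}$$

$$3 \operatorname{ind} x \equiv 8 - 7 \pmod{10}$$

Hence,

$$\operatorname{ind} x \equiv 7 \pmod{10}$$

and

$$x \equiv 7 \pmod{11}$$

3. Solve: $3x^4 \equiv 2 \pmod{11}$.

$$\operatorname{ind} 3 + 4 \operatorname{ind} x \equiv \operatorname{ind} 2 \pmod{10}$$

$$4 \operatorname{ind} x \equiv 3 \pmod{10}$$

But (4, 10) = 2, and $2 \nmid 3$, so that there is no solution of the given
congruence.

4. Solve: $5x^2 \equiv 3 \pmod{11}$.

$$\operatorname{ind} 5 + 2 \operatorname{ind} x \equiv \operatorname{ind} 3 \pmod{10}$$

$$2 \operatorname{ind} x \equiv 4 \pmod{10}$$

There are two solutions since (2, 10) = 2 and $2 \mid 4$.

$$\operatorname{ind} x \equiv 2 \pmod{10} \qquad x \equiv 4 \pmod{11}$$

and

$$\operatorname{ind} x \equiv 7 \pmod{10} \qquad x \equiv 7 \pmod{11}$$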

5. Solve: $7x \equiv 4 \pmod{121}$.

Any solution of this congruence must satisfy $7x \equiv 4 \pmod{11}$. But

$$\operatorname{ind} 7 + \operatorname{ind} x \equiv \operatorname{ind} 4 \pmod{10}$$

$$\operatorname{ind} x \equiv 5 \pmod{10}$$

Hence, $x \equiv 10 \pmod{11}$, and all solutions of the original congruence have
the form $x = 10 + 11k$. Therefore,

$$7(10 + 11k) \equiv 4 \pmod{121}$$

or

$$77k \equiv 55 \pmod{121}$$

Hence,

$$7k \equiv 5 \pmod{11}$$

and

$$\operatorname{ind} 7 + \operatorname{ind} k \equiv \operatorname{ind} 5 \pmod{10}$$

so that

$$\operatorname{ind} k \equiv 7 \pmod{10}$$

and

$$k \equiv 7 \pmod{11}$$

Therefore,

$$x \equiv 87 \pmod{121}$$
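The index method of Examples 1 to 5, written out as an added Python example (not code from the book; the function names are this example's own). It assumes a prime modulus small enough to tabulate, which is exactly why the lookup, a discrete logarithm in cryptographic terms, is cheap here.

```python
from math import gcd

def index_table(r, p):
    """Return {n: ind_r n} for 1 <= n <= p - 1, indices running 1..p-1 as in the text."""
    table, x = {}, 1
    for k in range(1, p):
        x = x * r % p              # x is now r^k reduced modulo p
        table[x] = k
    if len(table) != p - 1:        # the powers repeated early: r is not a primitive root
        raise ValueError(f"{r} is not a primitive root of {p}")
    return table

def solve_linear(a, b, m):
    """All t in 0..m-1 with a*t ≡ b (mod m); empty unless d = (a, m) divides b."""
    d = gcd(a, m)
    if b % d:
        return []
    m0 = m // d
    t0 = (b // d) * pow(a // d, -1, m0) % m0 if m0 > 1 else 0
    return [t0 + k * m0 for k in range(d)]       # i, i + m0, ..., i + (d-1)m0

def solve_binomial(a, n, b, p, r):
    """Solve a*x^n ≡ b (mod p), p prime, a and b prime to p, using indices to base r."""
    ind = index_table(r, p)
    rhs = (ind[b % p] - ind[a % p]) % (p - 1)    # n ind x ≡ ind b - ind a (mod p-1)
    return sorted(pow(r, i, p) for i in solve_linear(n, rhs, p - 1))

def solve_linear_mod_p2(a, b, p, r):
    """Example 5's two-step method for a*x ≡ b (mod p^2) with a and b prime to p."""
    (x0,) = solve_binomial(a, 1, b, p, r)        # the single solution modulo p
    c = (b - a * x0) // p % p                    # a(x0 + pk) ≡ b  gives  a*k ≡ c (mod p)
    k = 0 if c == 0 else solve_binomial(a, 1, c, p, r)[0]
    return (x0 + p * k) % (p * p)

if __name__ == "__main__":
    print(solve_binomial(5, 1, 7, 11, 2))        # Example 1
    print(solve_binomial(7, 3, 3, 11, 2))        # Example 2
    print(solve_binomial(3, 4, 2, 11, 2))        # Example 3: no solution
    print(solve_binomial(5, 2, 3, 11, 2))        # Example 4: d = 2 solutions
    print(solve_linear_mod_p2(7, 4, 11, 2))      # Example 5
```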

8-2. Euler's Criterion for the Solvability of $x^n \equiv c \pmod m$. For
moduli m that have primitive roots we can determine a convenient test
for the solvability of a congruence of the form $x^n \equiv c \pmod m$ with
(c, m) = 1. Because any binomial congruence $ax^n \equiv b \pmod m$ with a
and b prime to m can be reduced to this form by multiplying each member
of the congruence by the solution of $ax \equiv 1 \pmod m$, the problem is also
solved in the latter case.

Theorem 8-6. If m is any modulus for which there is a primitive root
and (c, m) = 1, the congruence $x^n \equiv c \pmod m$ has a solution if and only
if $c^{\phi(m)/d} \equiv 1 \pmod m$, where $d = (n, \phi(m))$. Furthermore, when there
is one solution, there are exactly d solutions modulo m of the given
congruence.

Suppose that r is a primitive root of m and that $c \equiv r^s \pmod m$. If
$x^n \equiv c \pmod m$ has a solution $x \equiv r^k \pmod m$, it follows that
$r^{kn} \equiv r^s \pmod m$ and $kn \equiv s \pmod{\phi(m)}$. Since k satisfies this linear
congruence, $d = (n, \phi(m))$ must divide s. Hence,

$$c^{\phi(m)/d} \equiv r^{s\phi(m)/d} \equiv \left(r^{\phi(m)}\right)^{s/d} \equiv 1 \pmod m$$

Conversely, if

$$c^{\phi(m)/d} \equiv 1 \pmod m$$

then

$$r^{s\phi(m)/d} \equiv 1 \pmod m$$

Therefore, $s\phi(m)/d$ is a multiple of $\phi(m)$, and s/d is an integer. As a
result, the congruence $nk \equiv s \pmod{\phi(m)}$ is satisfied by just d incongruent
values modulo $\phi(m)$ of k. Corresponding to these integers, there are
exactly d incongruent values modulo m of x that form the complete set of
solutions of $x^n \equiv c \pmod m$.

Theorem 8-7. If p is a prime and $d = (n, p - 1)$, there are $(p - 1)/d$
incongruent values modulo p of c, prime to p, such that $x^n \equiv c \pmod p$
has a solution.

According to Theorem 8-6, the congruence $x^n \equiv c \pmod p$ has a solution
if and only if $c^{(p-1)/d} \equiv 1 \pmod p$ where $d = (n, p - 1)$. But the
congruence $x^{(p-1)/d} \equiv 1 \pmod p$ has a solution. There are, thus, exactly
$(p - 1)/d$ incongruent solutions modulo p of this congruence, and these
are the values of c for which the first one is solvable.

It is evident also that if an integer c is a residue of the nth power of an
integer for a modulus m having a primitive root, and if $d = (n, \phi(m))$, the
same c is a residue of the dth power of an integer for that modulus, for if
$c^{\phi(m)/d} \equiv 1 \pmod m$, the congruence $x^d \equiv c \pmod m$ has a solution.
Hence, if $d \neq n$, a residue of an nth power modulo m is always a residue
of a power that is smaller than n and is a divisor of both n and $\phi(m)$. It
is thus clear that when p is a prime of the form 5k + 2, 5k + 3, or 5k + 4,
the test for a solution of $x^5 \equiv c \pmod p$ is the same as the test for a
solution of $x \equiv c \pmod p$. Since the last congruence is always solvable, an
integer c, prime to p, is always a residue of a fifth power for prime moduli
of the form 5k + 2, 5k + 3, and 5k + 4. But if p = 5k + 1, c is a
residue of a fifth power modulo p if and only if $c^k \equiv 1 \pmod p$. If p is a
prime of the form 4k − 1, the very test for a residue of a fourth power
modulo p, $c^{2k-1} \equiv 1 \pmod p$, is the same as that for a second power and
hence in this case the set of residues of fourth powers modulo p is identical
with the set of residues of second powers. If p = 4k + 1, then 4 =
(4, 4k) and no such statement can be made. Again, if p is of the form
3k + 2, every integer not a multiple of 3 is a cubic residue modulo p, but
if p is of the form 3k + 1, c is a cubic residue if and only if $c^k \equiv 1 \pmod p$.
Finally, if the modulus is an odd prime p = 2k + 1, c is a residue of a
second power if and only if $c^k \equiv 1 \pmod p$. It is to the study of these
quadratic residues that we turn in the next chapter.

EXERCISES 

1. Prove that the least positive residues of $1^2, 2^2, \ldots, (p - 1)^2$ modulo p, where
p is an odd prime, repeat themselves exactly twice.

2. If p is a prime and n is prime to p − 1, prove that the integers $1^n, 2^n, 3^n, \ldots, (p - 1)^n$
form a reduced residue system modulo p. Thus show that if p is a prime of
the form 3n + 2, the integers $1^3, 2^3, 3^3, \ldots, (p - 1)^3$ form a reduced residue system
modulo p.

3. Prove that the odd prime divisors of $x^4 + 1$ are of the form 8n + 1.

4. If p is a prime, determine when the existence of a solution of $x^6 \equiv c \pmod p$
is dependent upon the existence of a solution of $x^n \equiv c \pmod p$ with n < 6.

5. Determine whether or not there is a solution and, if so, solve the congruences:

a. $x^3 \equiv 5 \pmod{13}$

b.  x*  =  7(mod  13) 

6. Show that if r is a primitive root of p, then $r^{(p-1)/2} \equiv -1 \pmod p$, and thus that
if (a, p) = 1, $\operatorname{ind}(p - a) \equiv \operatorname{ind} a \pm [(p - 1)/2] \pmod{p-1}$.

7. Set up a table of indices for the prime 13, and solve the following congruences:

a. $5x \equiv 4 \pmod{13}$

b. $5x^2 \equiv 6 \pmod{13}$

8. Find the index of 5 for each of the primitive roots of 13.

9. Find the index of 5 modulo 13 relative to the base 6 by using a table to the base 2.

10. Use the following table of power residues of the primitive root 5 of 193 to solve
the congruences:

a.  Sx  =      2  (mod  193) 

b. $3x \equiv 191 \pmod{193}$

c. $7x \equiv 157 \pmod{193}$

d. $x^3 \equiv 64 \pmod{193}$

CHAPTER 9
QUADRATIC RESIDUES


9-1.  The  General  Quadratic  Congruence 

Theorem 9-1. A solvable quadratic congruence $a_0y^2 + a_1y + a_2 \equiv 0 \pmod n$,
where $a_0 \not\equiv 0 \pmod n$, can be reduced to the form
$x^2 \equiv a \pmod m$ in which (a, m) = 1.

By multiplying the modulus and each member of the congruence

$$a_0y^2 + a_1y + a_2 \equiv 0 \pmod n$$

by $4a_0$, we obtain the equivalent congruence

$$4a_0^2y^2 + 4a_0a_1y + 4a_0a_2 \equiv 0 \pmod{4a_0n}$$

which, upon completing the square, becomes

$$(2a_0y + a_1)^2 \equiv a_1^2 - 4a_0a_2 \pmod{4a_0n}$$

Now let

$$4a_0n = m$$

$$2a_0y + a_1 \equiv z \pmod m$$

and

$$a_1^2 - 4a_0a_2 \equiv b \pmod m$$

The original congruence is thereby reduced to the form

$$z^2 \equiv b \pmod m$$

Suppose that $(b, m) = d = e^2k$, where $e^2$ is the largest square contained
in d, and that $m = m_0d$, $b = b_0d$. Then ek divides z. Therefore, let

$$z \equiv ekw \pmod m$$

and the congruence takes the form

$$e^2k^2w^2 \equiv b \pmod m$$

or

$$kw^2 \equiv b_0 \pmod{m_0}$$

If $(k, m_0) = s$, unless $s \mid b_0$ there is no solution. But $(b_0, m_0) = 1$.
Consequently, there is no solution unless s = 1. If s = 1, multiply each
member of the last congruence by k, and let

$$x \equiv kw \pmod{m_0}$$

Then

$$x^2 \equiv b_0k \pmod{m_0}$$

and if we set

$$b_0k \equiv a \pmod{m_0}$$

we have attained the required form $x^2 \equiv a \pmod{m_0}$ with $(a, m_0) = 1$.

The  problem  of  solving  any  quadratic  congruence  is,  therefore,  reduced 
to  that  of  solving  binomial  quadratic  congruences  and  linear  congruences. 

Examples. 1. Solve: $x^2 \equiv 6 \pmod{15}$.

Let $x \equiv 3z \pmod{15}$. Then $3z^2 \equiv 2 \pmod 5$. Multiplying by 3, which
is prime to 5, and letting $z \equiv 3w \pmod 5$, we have $w^2 \equiv 6 \pmod 5$, or
$w^2 \equiv 1 \pmod 5$. Hence, $w \equiv 1, 4 \pmod 5$, $z \equiv 3, 2 \pmod 5$, and finally,
$x \equiv 9, 6 \pmod{15}$.

2. Solve: $x^2 \equiv 24 \pmod{60}$.

Since (24, 60) = 12, let $x \equiv 6z \pmod{60}$. Then $3z^2 \equiv 2 \pmod 5$. Let
$z \equiv 3w \pmod 5$, so that $w^2 \equiv 1 \pmod 5$. Therefore, $w \equiv 1, 4 \pmod 5$,
$z \equiv 3, 2 \pmod 5$, and finally, $x \equiv 18, 48, 12, 42 \pmod{60}$.

EXERCISES 


Solve the congruences:

a. $x^2 \equiv 28 \pmod{84}$

b. $x^2 \equiv 64 \pmod{420}$

9-2. Quadratic Residues. When (a, m) = 1 and the congruence
$x^2 \equiv a \pmod m$ has a solution, the integer a is a quadratic residue modulo m, or
a quadratic residue of m, but if the congruence has no solution, a is a
quadratic nonresidue modulo m, or a quadratic nonresidue of m. For
example, 2 is a quadratic residue of 7 because 3 satisfies $x^2 \equiv 2 \pmod 7$,
but 2 is a quadratic nonresidue modulo 5 because there is no solution of
$x^2 \equiv 2 \pmod 5$. Can you find a number whose square gives the remainder
4 when it is divided by 15?

If an integer a is prime to m > 0, its quality of being a quadratic
residue or nonresidue modulo m is called its quadratic character with
respect to m. Obviously all integers in the class with a modulo m have the
same quadratic character with respect to m.

The problem of determining the quadratic character of a is, therefore,
equivalent to that of testing the solvability of the congruence
$x^2 \equiv a \pmod m$. We have already shown that by factoring m into powers of
primes we can reduce the discussion to the question of solving the
congruence $x^2 \equiv a \pmod{p^n}$ with p a prime, and finally to the case
$x^2 \equiv a \pmod p$. Theorem 5-13 shows that when p is an odd prime, these last
two congruences either are both insolvable or have the same number of
solutions, and therefore in this case it will be necessary to study in detail
only the quadratic residues of p.

In the case of the prime 2, any odd integer is a quadratic residue of 2,
and the even integers are excluded from the discussion. But for
$f(x) = x^2 - a$, $f'(x) = 2x$, and thus $d = (2x', 2)$ is always 2. Hence, Theorem
5-13 shows that either a solution of $x^2 \equiv a \pmod{2^{n-1}}$ satisfies
$x^2 \equiv a \pmod{2^n}$ and yields two solutions of the second congruence or no solution
of the second congruence can be developed from the particular solution $x'$
of the first. The problem of determining quadratic residues of powers of
the even prime must, therefore, be considered separately from that of
powers of odd primes.

Euler (1707-1783), Lagrange (1736-1813), and Legendre (1752-1833)
were all very much interested in the theory of quadratic residues, but
Gauss (1777-1855) was the one who contributed most to this subject.
The fact is that Gauss was one of the greatest mathematicians of all
time. It is really no wonder that his name is connected with so much
that has been produced in the theory of numbers, for it was his favorite
study. He considered it the "queen of mathematics." His
"Disquisitiones arithmeticae," published in 1801, is the classic of the theory of
numbers and exhibits very well the elegance of form and rigor of
presentation for which he is noted. Some of the topics to which he made great
contributions are quadratic forms, biquadratic residues, and the theory of
congruences.

Theorem 9-2 (Euler's Criterion). If p is an odd prime, the integer a
is a quadratic residue of p if and only if $a^{(p-1)/2} \equiv 1 \pmod p$.

This theorem is included in Theorem 8-6. Nevertheless, we shall give
an independent proof for the case when n = 2.

Let $a_1, a_2, \ldots, a_{p-1}$ be a reduced residue system modulo p, and
suppose that a is a quadratic nonresidue modulo p. Then each congruence

$$a_ix \equiv a \pmod p \qquad i = 1, 2, \ldots, p - 1$$

has just one solution $x \equiv a_j \pmod p$ distinct from $a_i$ and prime to p.
Moreover, no two of these congruences have the same solution, for if

$$a_ia_j \equiv a \pmod p$$

and

$$a_ka_j \equiv a \pmod p \qquad i \neq k \neq j$$

then

$$a_i \equiv a_k \pmod p$$

whereas these integers are distinct modulo p. The integers $a_i$ are thereby
separated into $(p - 1)/2$ pairs, and the product of these pairs implies that

$$a_1a_2 \cdots a_{p-1} \equiv a^{(p-1)/2} \pmod p$$

But from Wilson's theorem

$$a_1a_2 \cdots a_{p-1} \equiv (p - 1)! \equiv -1 \pmod p$$

Therefore,

$$a^{(p-1)/2} \equiv -1 \pmod p$$

If a is a quadratic residue modulo p and $x \equiv r \pmod p$ is one solution of
$x^2 \equiv a \pmod p$, then $x \equiv p - r \pmod p$ is the other solution, for
$(p - r)^2 \equiv r^2 \pmod p$. Hence, the congruence

$$a_ix \equiv a \pmod p$$

has $x \equiv a_i \pmod p$ as a solution if and only if $a_i \equiv r \pmod p$ or
$a_i \equiv p - r \pmod p$. The remaining p − 3 values of $a_i$ set up $(p - 3)/2$ pairs of
distinct integers such that the product of each pair is congruent to a
modulo p. Consequently,

$$\frac{a_1a_2 \cdots a_{p-1}}{r(p - r)} \equiv a^{(p-3)/2} \pmod p$$

But

$$r(p - r) \equiv -r^2 \equiv -a \pmod p$$

Therefore,

$$(p - 1)! \equiv -a^{(p-1)/2} \pmod p$$

and

$$a^{(p-1)/2} \equiv 1 \pmod p$$

Furthermore, if $a^{(p-1)/2} \equiv 1 \pmod p$, a must be a quadratic residue of
p, for if it were not, $a^{(p-1)/2} \equiv -1 \pmod p$. This condition is, therefore,
a test for a quadratic residue of p if p is an odd prime and a is prime to p.

Examples. Since $5^3 \equiv 6 \pmod 7$, 5 is a quadratic nonresidue modulo
7, and because $2^3 \equiv 1 \pmod 7$, 2 is a quadratic residue modulo 7.

It is interesting to observe that if the modulus is a composite m, the
following theorem gives a necessary condition for a quadratic residue of m:

Theorem 9-3. If a is a quadratic residue modulo m > 2, then
$a^{\phi(m)/2} \equiv 1 \pmod m$ and $a^{\lambda(m)/2} \equiv 1 \pmod m$.

Suppose that r, prime to m, satisfies the congruence $x^2 \equiv a \pmod m$.
Then because $\phi(m)$ is even if m > 2,

$$(r^2)^{\phi(m)/2} \equiv a^{\phi(m)/2} \pmod m$$

But

$$r^{\phi(m)} \equiv 1 \pmod m$$

Hence,

$$a^{\phi(m)/2} \equiv 1 \pmod m$$

It is obvious that if m > 2, $\phi(m)$ may be replaced by $\lambda(m)$ in the above
proof.

This result, however, does not provide a sufficient condition for a
quadratic residue of m, for although (7, 48) = 1, $\lambda(48)/2 = 2$, and
$7^2 \equiv 1 \pmod{48}$, still $x^2 \equiv 7 \pmod{48}$ has no solution.
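The test of Theorem 8-6, with Theorem 9-2 as its case n = 2, checked against exhaustive search, and then run on the modulus 48 of the remark above, where no primitive root exists and the test is only necessary. This is an added Python example, not code from the book; the function names are its own and the moduli are assumed small.

```python
from math import gcd

def phi(m):
    """Euler's phi by direct count (adequate for the small moduli used here)."""
    return sum(1 for k in range(1, m + 1) if gcd(k, m) == 1)

def euler_test(c, n, m):
    """Criterion of Theorem 8-6: c^(phi(m)/d) ≡ 1 (mod m), where d = (n, phi(m))."""
    d = gcd(n, phi(m))
    return pow(c, phi(m) // d, m) == 1

def roots(c, n, m):
    """Every x prime to m, 1 <= x < m, with x^n ≡ c (mod m), found by trying them all."""
    return [x for x in range(1, m) if gcd(x, m) == 1 and pow(x, n, m) == c % m]

def compare(n, m):
    """Run the criterion against exhaustive search for every c prime to m.

    Returns (mismatches, solvable): the c where the two disagree, and a dict
    mapping each solvable c to its number of solutions modulo m.
    """
    mismatches, solvable = [], {}
    for c in range(1, m):
        if gcd(c, m) != 1:
            continue
        found = roots(c, n, m)
        if euler_test(c, n, m) != bool(found):
            mismatches.append(c)
        if found:
            solvable[c] = len(found)
    return mismatches, solvable

if __name__ == "__main__":
    # Moduli with a primitive root: the criterion is exact, each solvable c has
    # d solutions, and there are phi(m)/d solvable values of c.
    for n, m in [(5, 11), (5, 13), (2, 7), (4, 11), (3, 9)]:
        bad, ok = compare(n, m)
        print(f"x^{n} mod {m}: d={gcd(n, phi(m))} mismatches={bad} solvable={ok}")
    # m = 48 has no primitive root: every unit passes the test, few are squares.
    bad, ok = compare(2, 48)
    print("mod 48: passes test but not a square:", bad, "squares:", sorted(ok))
```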
Theorem 9-4. The quadratic residues of an odd prime p coincide with
the even powers of any primitive root of p.

Consider the congruence $x^2 \equiv a \pmod p$ with (a, p) = 1. Then if r is
a primitive root of p, because the powers $r, r^2, \ldots, r^{p-1}$ form a reduced
residue system modulo p, either

$$a \equiv r^{2k} \pmod p$$

or

$$a \equiv r^{2k+1} \pmod p$$

In the first case, it is evident that a is a quadratic residue of p, for
$(r^k)^2 \equiv a \pmod p$. Applying Euler's criterion to the second case, if

$$(r^{2k+1})^{(p-1)/2} \equiv 1 \pmod p,$$

the exponent of r must be a multiple of p − 1. But then $(2k + 1)/2$
would have to be an integer, and that is impossible. Hence, in the second
case a is a quadratic nonresidue of p. Thus the set of quadratic residues
of p consists of the even powers of a primitive root of p.

Corollary 1. The odd powers of any primitive root of an odd prime p
coincide with the quadratic nonresidues of an odd prime p.

Corollary 2. There are exactly $(p - 1)/2$ incongruent quadratic residues
and the same number of incongruent quadratic nonresidues of an
odd prime p.

Corollary  3.  The  product  of  two  quadratic  residues  or  two  quadratic 
nonresidues  of  an  odd  prime  p  is  a  quadratic  residue  of  p,  but  the  product 
of  a  quadratic  residue  and  a  quadratic  nonresidue  of  p  is  a  quadratic 
nonresidue  of  p. 

When a table of indices is at hand, it is convenient to use the even
powers of a primitive root of p to set up the quadratic residues of p, but
if a primitive root of p must be computed, the method implied by the
following theorem is usually the more expeditious one for finding quadratic
residues:

Theorem 9-5. The integers $1^2, 2^2, \ldots, \left(\frac{p-1}{2}\right)^2$ are the
incongruent quadratic residues of the odd prime p.

Because $a^2 \equiv (p - a)^2 \pmod p$, we need use only the integers
$1^2, 2^2, \ldots, \left(\frac{p-1}{2}\right)^2$ to determine the quadratic residues modulo p. Each of
these integers is evidently a quadratic residue of p, but, more than that,
no two of them are congruent modulo p, for if

$$a_1^2 \equiv a_2^2 \pmod p$$

then

$$(a_1 - a_2)(a_1 + a_2) \equiv 0 \pmod p$$

and p divides at least one of $a_1 - a_2$ and $a_1 + a_2$. But since both $a_1$ and
$a_2$ are positive and less than p/2, neither $a_1 - a_2$ nor $a_1 + a_2$ is divisible
by p. These $(p - 1)/2$ integers, therefore, yield all the quadratic
residues of p.

Examples. Because 2 is a primitive root of 13, the quadratic residues
of 13 are $2^2 \equiv 4$, $2^4 \equiv 3$, $2^6 \equiv 12$, $2^8 \equiv 9$, $2^{10} \equiv 10$, and $2^{12} \equiv 1 \pmod{13}$.
Using the method of Theorem 9-5, they are $1^2 \equiv 1$, $2^2 \equiv 4$, $3^2 \equiv 9$,
$4^2 \equiv 3$, $5^2 \equiv 12$, $6^2 \equiv 10 \pmod{13}$.

EXERCISES 

1.  Is  15  a  quadratic  residue  of  17? 

2.  Find  all  quadratic  residues  of  29  and  31. 

3.  Prove  that  the  product  of  the  distinct  quadratic  residues  of  a  prime  p  =  4n  —  1 
is  congruent  to  1  modulo  p,  whereas  if  p  =  4n  +  1,  this  product  is  congruent  to  —1 
modulo  p. 

4. If p is a prime, prove that the congruence $x^6 + 7x^4 - 36 \equiv 0 \pmod p$ has a
solution.

5. If p is a prime of the form 4n + 1, prove that there is always an x such that
$x^2 + 1$ is divisible by p.

6. If b is a quadratic residue of 7, find all solutions of $x^2 \equiv b \pmod 7$ for each b.

7. If b is a quadratic residue of 7, find all solutions of $x^2 \equiv b \pmod{7^2}$ for each b.

8.  Determine  whether  or  not  there  are  solutions,  and  if  so,  solve  the  congruences 
x2  =  9 (mod  132)  and  x2  =  5 (mod  132). 

9. Prove that if the prime $p = 2^n + 1$, every quadratic nonresidue of p is a
primitive root modulo p.

10. Make use of Fermat's theorem to show that if a is a quadratic residue of a prime
p, then $a^{(p-1)/2} \equiv 1 \pmod p$.

11.  If  p  is  a  prime  greater  than  3,  prove  that  the  sum  of  the  quadratic  residues  of  p 
is  divisible  by  p. 

9-3. The Legendre Symbol. Legendre was chiefly interested in elliptic
functions and the theory of numbers, but he also wrote a book on
geometry which was so well received that at the time it rivaled Euclid's
"Elements" in popularity. In 1830 he published two volumes on the
theory of numbers that organized his own researches and those of his
predecessors in this subject. In this work he partly proved the remarkable
law of quadratic reciprocity.

If p is an odd prime and (a, p) = 1, by letting $\left(\frac{a}{p}\right) = +1$ or $-1$
according as a is a quadratic residue or a quadratic nonresidue of p,
Legendre introduced a symbol well fitted for expressing the quadratic
character of a with respect to p. This symbol enables us to express
succinctly some important facts with which we are already familiar.

1. It is evident that if p is an odd prime and (a, p) = 1, then
$\left(\frac{a^2}{p}\right) = +1$.

2. If $a_1 \equiv a_2 \pmod p$, $a_1$ and $a_2$ being prime to the odd prime p, then

$$\left(\frac{a_1}{p}\right) = \left(\frac{a_2}{p}\right)$$

3. Euler's criterion shows that if p is an odd prime and (a, p) = 1, then
$\left(\frac{a}{p}\right) \equiv a^{(p-1)/2} \pmod p$.

4. Corollary 3 of Theorem 9-4 implies that if p is an odd prime and
$(a_i, p) = 1$, where i = 1, 2, ..., n, then

$$\left(\frac{a_1a_2 \cdots a_n}{p}\right) = \left(\frac{a_1}{p}\right)\left(\frac{a_2}{p}\right) \cdots \left(\frac{a_n}{p}\right)$$

5. If $a_1$ and $a_2$ are prime to p, $\left(\frac{a_1}{p}\right)\left(\frac{a_2}{p}\right) = +1$, as well as $\left(\frac{a_1}{p}\right) = \left(\frac{a_2}{p}\right)$,
expresses the fact that $a_1$ and $a_2$ have the same quadratic character with
respect to the odd prime p. Furthermore, $\left(\frac{a_1}{p}\right)\left(\frac{a_2}{p}\right) = -1$ and
$\left(\frac{a_1}{p}\right) = -\left(\frac{a_2}{p}\right)$ indicate that $a_1$ and $a_2$ have opposite quadratic characters with
respect to p.

9-4. The Prime Moduli of Which an Integer Is a Quadratic Residue.

Having solved the problem of determining the quadratic residues of a
prime, we now ask if we can find the prime moduli of which a given
integer is a quadratic residue. If the integer is odd, it is, of course, a
quadratic residue of the prime 2 and so the question must be settled only
for odd primes.

Suppose that $a = \pm k^2b$, with $k^2$ the largest square in a and b > 0.
Then because $\left(\frac{a}{p}\right) = \left(\frac{\pm 1}{p}\right)\left(\frac{b}{p}\right)$, the quadratic character of a with
respect to an odd prime p is determined by the quadratic character of ±1
and the positive prime factors of a that occur in it to an odd power. Let
these primes be $q_1, q_2, \ldots, q_n$. Then

$$\left(\frac{a}{p}\right) = \left(\frac{\pm 1}{p}\right)\left(\frac{q_1}{p}\right)\left(\frac{q_2}{p}\right) \cdots \left(\frac{q_n}{p}\right)$$

and therefore our question about the prime moduli of which a is a
quadratic residue can be answered by studying the symbols $\left(\frac{\pm 1}{p}\right)$, $\left(\frac{2}{p}\right)$, and
$\left(\frac{q}{p}\right)$, where q is an odd prime.

Taking these symbols in order, it is first of all evident that $\left(\frac{1}{p}\right) = +1$
for every prime p.

Theorem 9-6. The integer −1 is a quadratic residue of all primes of
the form 4n + 1 and a quadratic nonresidue of all primes of the form
4n + 3.

The congruence $x^2 \equiv -1 \pmod p$ has a solution if and only if
$(-1)^{(p-1)/2} \equiv 1 \pmod p$. If p = 4n + 1, then $(p - 1)/2 = 2n$, but if p = 4n + 3,
it is clear that $(p - 1)/2 = 2n + 1$. Hence, −1 is a quadratic residue
of the first set of primes, and it is a quadratic nonresidue of the second set.

Example. There is no solution of $x^2 \equiv -1 \pmod{31}$, but there are
two solutions of $x^2 \equiv -1 \pmod{29}$, and they are $x \equiv 12$ and
$x \equiv -12 \pmod{29}$.

Theorem 9-7 (The Lemma of Gauss). Take p an odd prime and q
prime to p. Find the least positive residues modulo p of the integers
$q, 2q, \ldots, [(p - 1)/2]q$. If u is the number of these residues that are
greater than p/2, then $\left(\frac{q}{p}\right) = (-1)^u$.

The integers

$$q,\ 2q,\ 3q,\ \ldots,\ \frac{p-1}{2}q \qquad (1)$$

are prime to p and incongruent modulo p. Their least positive residues
modulo p are, therefore, distinct integers of the set

$$1,\ 2,\ \ldots,\ p - 1 \qquad (2)$$

Let

$$a_1,\ a_2,\ \ldots,\ a_u$$

represent the least positive residues greater than p/2 of the integers in
(1), while

$$b_1,\ b_2,\ \ldots,\ b_v$$

denote those least positive residues which are less than p/2. Then
$u + v = (p - 1)/2$.
The integers of the set

$$p - a_1,\ p - a_2,\ \ldots,\ p - a_u$$

are prime to p, less than p/2, and are incongruent modulo p. Moreover,
these integers are distinct from the $b_i$, for if

$$b_i \equiv p - a_j \pmod p \qquad i = 1, 2, \ldots, v;\ j = 1, 2, \ldots, u$$

then

$$b_i + a_j \equiv 0 \pmod p$$

However, both $b_i$ and $a_j$ are congruent modulo p to integers of (1), and
therefore $sq + tq \equiv 0 \pmod p$, where s and t are distinct integers of the
set 1, 2, ..., $(p - 1)/2$. Hence, $s + t \equiv 0 \pmod p$. But since both
s and t are positive and less than p/2, the sum s + t cannot be divisible
by p. Thus $b_i + a_j$ cannot be divisible by p. Consequently, the integers

$$b_1,\ b_2,\ \ldots,\ b_v,\ p - a_1,\ p - a_2,\ \ldots,\ p - a_u$$

form a set of $(p - 1)/2$ incongruent integers modulo p all of which are
positive and less than p/2. They are, therefore, in some order the
integers 1, 2, ..., $(p - 1)/2$. As a result,

$$b_1b_2 \cdots b_v(p - a_1)(p - a_2) \cdots (p - a_u) \equiv \frac{p-1}{2}! \pmod p$$

and

$$(-1)^ub_1b_2 \cdots b_va_1a_2 \cdots a_u \equiv \frac{p-1}{2}! \pmod p$$

But the $b_i$ and the $a_j$ are the residues of the products in (1). Therefore,

$$b_1b_2 \cdots b_va_1a_2 \cdots a_u \equiv q \cdot 2q \cdots \frac{p-1}{2}q \pmod p$$

$$\equiv \frac{p-1}{2}! \, q^{(p-1)/2} \pmod p$$

and

$$(-1)^u \frac{p-1}{2}! \, q^{(p-1)/2} \equiv \frac{p-1}{2}! \pmod p$$

By multiplying by $(-1)^u$ and dividing by $[(p - 1)/2]!$, we have

$$q^{(p-1)/2} \equiv (-1)^u \pmod p$$

But

$$\left(\frac{q}{p}\right) \equiv q^{(p-1)/2} \pmod p$$

according to Euler's criterion. Hence,

$$\left(\frac{q}{p}\right) \equiv (-1)^u \pmod p$$

but since both $\left(\frac{q}{p}\right)$ and $(-1)^u$ have only the values +1 and −1, it follows
that $\left(\frac{q}{p}\right) = (-1)^u$.

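Theorem 9-8. If p is an odd prime and q is odd and prime to p, and if

$$M = \left[\frac{q}{p}\right] + \left[\frac{2q}{p}\right] + \cdots + \left[\frac{p-1}{2}\,\frac{q}{p}\right]$$

then $\left(\frac{q}{p}\right) = (-1)^M$.
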

Let  (p  —  l)/2  =  s.     Also  let  the  least  positive  residues  modulo  p  of 
q,  2a,  ...  ,  s(?  be  in  order  n,  r2,   .   .  .  ,  rs.     Then 
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q  =  v 

M+" 

2q  =  p 

_P  J 

sq  =  p 

sq 
_P_ 

+  rs 
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Adding    these    equations    and    using    the    fact    that    1  +  2  + 
[(p  -  l)/2]  =  (p2  -  l)/8,  we  have 


p2  -  1 
8 


g  =  pM  +  ri  +  r2  + 


+  r8 


But  these  integers  rk,  where  k  =  1,  2,  .  .  .  ,  (p  —  l)/2,  are  the  az,  where 
i  —  1,  2,  .  .  .  ,  u,  and  the  fry,  where  j  =  1,  2,  .  .  .  ,  v,  of  Theorem  9-7. 


Let  Y  a*  =  A  and  Y  bj  =  B.     Then 
»=i  y-i 


£l__l9  =  pM  + A  +  B 


(3) 


But in Theorem 9-7 we also showed that the $p - a_i$ together with the $b_j$ are in some order the integers $1, 2, \ldots, (p-1)/2$. Hence,

$$\frac{p^2-1}{8} = pu - A + B \qquad (4)$$

By subtracting Eq. (4) from (3), we find

$$\frac{p^2-1}{8}\,(q-1) = p(M-u) + 2A \qquad (5)$$

Consequently, if both $p$ and $q$ are odd, $M - u$ is even; that is, $M \equiv u \pmod 2$. Hence, when $q$ is odd and prime to the odd prime $p$, by applying Theorem 9-7 we have

$$\left(\frac{q}{p}\right) = (-1)^u = (-1)^M$$


On the other hand, if $q = 2$, then

$$\left[\frac{q}{p}\right] = 0, \quad \left[\frac{2q}{p}\right] = 0, \quad \ldots, \quad \left[\frac{(p-1)q/2}{p}\right] = \left[\frac{p-1}{p}\right] = 0$$

Hence, $M = 0$, and Eq. (5) shows that, since $p = 2k + 1$,

$$\frac{p^2-1}{8} \equiv -(2k+1)u \pmod 2 \equiv -u \equiv u \pmod 2$$

Therefore, by Theorem 9-7,

$$\left(\frac{2}{p}\right) = (-1)^u = (-1)^{(p^2-1)/8}$$


Corollary. The integer 2 is a quadratic residue of all primes of the form $8n \pm 1$ and a quadratic nonresidue of all primes of the form $8n \pm 3$.

When $p = 8n \pm 1$, then $(p^2-1)/8 = 8n^2 \pm 2n$, and $\left(\frac{2}{p}\right) = +1$, but when $p = 8n \pm 3$, $(p^2-1)/8 = 8n^2 \pm 6n + 1$, and $\left(\frac{2}{p}\right) = -1$.


Examples. $\left(\frac{2}{23}\right) = (-1)^{(22)(24)/8} = +1$, but $\left(\frac{2}{29}\right) = (-1)^{(28)(30)/8} = -1$.


Theorem 9-9 (The Quadratic Reciprocity Law). If $p$ and $q$ are distinct odd primes, $\left(\frac{p}{q}\right)\left(\frac{q}{p}\right) = (-1)^{\frac{p-1}{2}\cdot\frac{q-1}{2}}$.

We  shall  present  a  proof  of  this  theorem  that  is  based  upon  a  geometric 
demonstration  given  by  F.  G.  Eisenstein  (1823-1852). 


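[Figure: rectangle OAEC with diagonal OE, drawn on x and y axes with origin O; B and A are marked on the x axis, D and C on the y axis.]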

Taking rectangular coordinate axes and a convenient unit, mark off units from $O$ along the $x$ axis to represent the integers $1, 2, \ldots, (p-1)/2$, and in like manner along the $y$ axis to represent $1, 2, \ldots, (q-1)/2$. Then $OB = (p-1)/2$, and $OD = (q-1)/2$. Let $OA = p/2$ and $OC = q/2$. We then call all points both of whose coordinates are integers lattice points. Within the rectangle $OAEC$, but not on its boundary, there are, therefore, $\frac{p-1}{2}\cdot\frac{q-1}{2}$ lattice points.

The equation of the line $OE$ is $py = qx$, and it intersects any line $x = k$ parallel to the $y$ axis in the point $\left(k, \frac{kq}{p}\right)$. Therefore, if $k$ is a positive integer, $\left[\frac{kq}{p}\right]$ is the number of lattice points on $x = k$ above the $x$ axis and on or below $OE$. However, when $k$ takes the values $1, 2, \ldots, (p-1)/2$, since $(q, p) = 1$, $kq/p$ is not an integer and so there will be no lattice points on $OE$ and within the rectangle $OAEC$. Consequently, the number of lattice points within the triangle $OAE$ is

In like manner by taking $py = qx$ and the lines $y = t$, for $t = 1, 2, \ldots, (q-1)/2$, we find that the number of lattice points within the triangle $OEC$ is

$$\left[\frac{p}{q}\right] + \left[\frac{2p}{q}\right] + \cdots + \left[\frac{q-1}{2}\cdot\frac{p}{q}\right]$$

Hence,  the  number  of  lattice  points  within  the  rectangle  OAEC  is 

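We have shown that $\left(\frac{q}{p}\right) = (-1)^M$ and that $\left(\frac{p}{q}\right) = (-1)^N$. Therefore,

$$\left(\frac{p}{q}\right)\left(\frac{q}{p}\right) = (-1)^{M+N}$$

and consequently when $p$ and $q$ are distinct odd primes,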


This famous theorem was discovered at different times by Euler, Legendre, and Gauss, but Gauss was the first one to prove it. He accomplished this feat in 1796, when he was but eighteen years of age. He appraised the theorem so highly as to call it the "gem of higher arithmetic" and developed six different proofs of it. Among the leading mathematicians who have also proved the theorem are Cauchy, Eisenstein, Jacobi, Kronecker, Kummer, Liouville, and Zeller. Indeed, the interest that it has continued to arouse is evidenced by the fact that it was proved in about fifty ways* during the nineteenth century. More than that, the number of proofs keeps growing, but, of course, not all of them are essentially different.

Because of the importance of the quadratic reciprocity law, it is worth while giving a second proof of it that does not depend upon the geometric meaning of $M$. The following proof is a modification of one of Gauss' proofs:

* P. Bachmann, "Grundlehren der neueren Zahlentheorie."

Taking $p$ and $q$ as odd primes with $q < p$ and

$$M = \left[\frac{q}{p}\right] + \left[\frac{2q}{p}\right] + \cdots + \left[\frac{p-1}{2}\cdot\frac{q}{p}\right]$$
$$N = \left[\frac{p}{q}\right] + \left[\frac{2p}{q}\right] + \cdots + \left[\frac{q-1}{2}\cdot\frac{p}{q}\right]$$

we wish to prove that $M + N = \frac{p-1}{2}\cdot\frac{q-1}{2}$.

We observe that if $k = 1, 2, \ldots, (p-1)/2$, no $kq/p$ is an integer, for both $k$ and $q$ are less than the prime $p$. Moreover, $\left[\frac{q}{p}\right] = 0$, and $\left[\frac{2q}{p}\right]$ is at most 1. Of course, if $\left[\frac{kq}{p}\right] = s$, so that $kq = sp + r$ with $0 < r < p$, then $(k+1)q = sp + r + q$. But $\left[\frac{r+q}{p}\right]$ is at most 1. Therefore, $\left[\frac{(k+1)q}{p}\right]$ is at most $s + 1$.

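Furthermore, the value of the last term of $M$, which is $\left[\frac{p-1}{2}\cdot\frac{q}{p}\right]$, can be written

$$\left[\frac{pq - p + p - q}{2p}\right] = \left[\frac{q-1}{2} + \frac{p-q}{2p}\right] = \frac{q-1}{2}$$

because $p - q < 2p$.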

Assuming that for $k < (p-1)/2$ the integer $\left[\frac{kq}{p}\right]$ is the last term of the expression for $M$ whose value is $s$, we shall find the number $k$ of this term of the series in terms of $p$, $q$, and $s$. Since $\left[\frac{(k+1)q}{p}\right] = s + 1$,

$$\frac{kq}{p} < s + 1 < \frac{(k+1)q}{p}$$

Hence,

$$k < \frac{(s+1)p}{q} < k + 1$$

and therefore

$$k = \left[\frac{(s+1)p}{q}\right]$$

is the number of the last term of the expression for $M$ having the value $s$, where $0 \le s < (q-1)/2$. It follows then that the number of the last term of this series that has the value $s - 1$ is $\left[\frac{sp}{q}\right]$. Consequently, for all nonnegative $s < (q-1)/2$, the number of terms of $M$ that have the value $s$ is $\left[\frac{(s+1)p}{q}\right] - \left[\frac{sp}{q}\right]$. Moreover, the number of terms of $M$ that have the value $(q-1)/2$ is $\frac{p-1}{2} - \left[\frac{q-1}{2}\cdot\frac{p}{q}\right]$.


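Therefore,

$$M = 1\left(\left[\frac{2p}{q}\right] - \left[\frac{p}{q}\right]\right) + 2\left(\left[\frac{3p}{q}\right] - \left[\frac{2p}{q}\right]\right) + \cdots + \frac{q-1}{2}\left(\frac{p-1}{2} - \left[\frac{q-1}{2}\cdot\frac{p}{q}\right]\right)$$
$$= -\left[\frac{p}{q}\right] - \left[\frac{2p}{q}\right] - \cdots - \left[\frac{q-1}{2}\cdot\frac{p}{q}\right] + \frac{q-1}{2}\cdot\frac{p-1}{2}$$
$$= -N + \frac{p-1}{2}\cdot\frac{q-1}{2}$$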
Hence, $M + N = \frac{p-1}{2}\cdot\frac{q-1}{2}$, and the quadratic reciprocity law follows.
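The quantities used in Theorems 9-7 and 9-8 and in the two proofs above can be computed directly for small primes. The following Python sketch is an added example, not part of the original text; the function names are chosen here for illustration. It counts $u$, evaluates the floor sums $M$ and $N$, and compares them with Euler's criterion and with the lattice-point count $\frac{p-1}{2}\cdot\frac{q-1}{2}$.

```python
"""Numerical check of Theorems 9-7, 9-8 and of M + N = ((p-1)/2)((q-1)/2)."""


def count_u(q, p):
    """u of Theorem 9-7: how many of the least positive residues of
    q, 2q, ..., ((p-1)/2)q modulo p exceed p/2 (the a_i of the text)."""
    half = (p - 1) // 2
    return sum(1 for k in range(1, half + 1) if (k * q) % p > half)


def floor_sum(q, p):
    """[q/p] + [2q/p] + ... + [((p-1)/2) q / p]; this is M for (q, p)
    and N when the roles of p and q are exchanged."""
    return sum((k * q) // p for k in range(1, (p - 1) // 2 + 1))


def euler_criterion(q, p):
    """Legendre symbol (q/p) for an odd prime p not dividing q."""
    return 1 if pow(q % p, (p - 1) // 2, p) == 1 else -1


def check_pair(p, q):
    """Collect every quantity the proofs relate, for distinct odd primes p, q."""
    return {
        "legendre": euler_criterion(q, p),          # (q/p)
        "u": count_u(q, p),                         # Theorem 9-7
        "M": floor_sum(q, p),                       # Theorem 9-8
        "N": floor_sum(p, q),                       # same sum with p, q exchanged
        "lattice_points": ((p - 1) // 2) * ((q - 1) // 2),
    }


if __name__ == "__main__":
    for p, q in [(7, 3), (17, 5), (89, 11), (23, 19)]:
        r = check_pair(p, q)
        print(f"p={p:3d} q={q:3d} (q/p)={r['legendre']:+d} "
              f"u={r['u']} M={r['M']} N={r['N']} "
              f"M+N={r['M'] + r['N']} lattice={r['lattice_points']}")
```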

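Corollary 1. If at least one of the primes $p$ and $q$ is of the form $4n + 1$, $\left(\frac{p}{q}\right)\left(\frac{q}{p}\right) = +1$, and $\left(\frac{p}{q}\right) = \left(\frac{q}{p}\right)$.

Corollary 2. If both the primes $p$ and $q$ are of the form $4n + 3$, then $\left(\frac{p}{q}\right)\left(\frac{q}{p}\right) = -1$, and $\left(\frac{p}{q}\right) = -\left(\frac{q}{p}\right)$.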

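Examples. 1. Test $x^2 \equiv 15 \pmod{17}$ for a solution.

Since $15 \equiv -2 \pmod{17}$, we factor $-2$ and have $\left(\frac{-2}{17}\right) = \left(\frac{-1}{17}\right)\left(\frac{2}{17}\right)$. Also $\left(\frac{-1}{17}\right) = (-1)^8 = +1$, and $\left(\frac{2}{17}\right) = (-1)^{(16)(18)/8} = +1$. Hence, $\left(\frac{-2}{17}\right) = +1$, and there is a solution of the congruence.

2. Is 67 a quadratic residue of 89?

Since $67 \equiv -22 \pmod{89}$, we find $\left(\frac{67}{89}\right) = \left(\frac{-1}{89}\right)\left(\frac{2}{89}\right)\left(\frac{11}{89}\right)$. Furthermore, $\left(\frac{-1}{89}\right) = +1$, for 89 is of the form $4n + 1$; $\left(\frac{2}{89}\right) = +1$, for 89 is of the form $8n + 1$; and $\left(\frac{11}{89}\right)\left(\frac{89}{11}\right) = +1$, according to Corollary 1 above. Thus $\left(\frac{11}{89}\right) = \left(\frac{89}{11}\right)$. However, $\left(\frac{89}{11}\right) = \left(\frac{1}{11}\right) = +1$. Therefore, there is a solution of $x^2 \equiv 67 \pmod{89}$.

3. Is 33 a quadratic residue of 89?

Factoring immediately we have $\left(\frac{33}{89}\right) = \left(\frac{3}{89}\right)\left(\frac{11}{89}\right)$. But $\left(\frac{3}{89}\right)\left(\frac{89}{3}\right) = +1$, and $\left(\frac{89}{3}\right) = \left(\frac{2}{3}\right) = -1$. Therefore, $\left(\frac{3}{89}\right) = -1$, and, from above, $\left(\frac{11}{89}\right) = +1$. Consequently, $\left(\frac{33}{89}\right) = -1$, and the congruence $x^2 \equiv 33 \pmod{89}$ has no solution.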

The  quadratic  reciprocity  law  also  enables  us  to  solve  the  problem 
previously  stated  of  determining  the  odd  primes  of  which  a  given  integer 
is  a  quadratic  residue  or  nonresidue.  It  is  apparent  that  if  we  wish  to 
find  the  primes  of  which  a  composite  is  a  quadratic  residue  or  nonresidue, 
the  composite  must  be  factored  into  primes  and  the  conclusions  drawn  by 
means  of  Corollary  3  of  Theorem  9-4.  We  shall,  therefore,  consider  first 
the  case  where  the  given  number  is  an  odd  prime  q. 

If $q$ is of the form $4n + 1$, then $\left(\frac{q}{p}\right) = \left(\frac{p}{q}\right)$. Hence, if $\left(\frac{q}{p}\right)$ is to be $+1$, $p$ must be a quadratic residue of $q$ as well as being odd, and if $\left(\frac{q}{p}\right)$ is to be $-1$, $p$ must be an odd quadratic nonresidue of $q$. For example, if $q = 5$, the prime $p$ must satisfy the congruence

$$x \equiv 1 \pmod 2$$

and one of

$$x \equiv 1, 4 \pmod 5$$

in order that $\left(\frac{5}{p}\right) = +1$. Hence, $p \equiv 1, 9 \pmod{10}$; that is, 5 is a quadratic residue of all primes of the form $10k \pm 1$. On the other hand, if $\left(\frac{5}{p}\right)$ is to be $-1$, then $p$ must satisfy

$$x \equiv 1 \pmod 2$$

and one of the congruences

$$x \equiv 2, 3 \pmod 5$$

Thus $p \equiv 3, 7 \pmod{10}$, and 5 is a quadratic nonresidue of all primes of the form $10k + 3$ and $10k + 7$.

If the given prime $q$ is of the form $4n + 3$, then $\left(\frac{p}{q}\right)\left(\frac{q}{p}\right) = (-1)^{(p-1)/2}$



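and so $\left(\frac{q}{p}\right) = (-1)^{(p-1)/2}\left(\frac{p}{q}\right)$. In this case if $\left(\frac{q}{p}\right)$ is to be $+1$, either

$$p \equiv 1 \pmod 4 \quad\text{and}\quad \left(\frac{p}{q}\right) = +1$$

or

$$p \equiv 3 \pmod 4 \quad\text{and}\quad \left(\frac{p}{q}\right) = -1$$

If $\left(\frac{q}{p}\right)$ is to be $-1$, then either

$$p \equiv 3 \pmod 4 \quad\text{and}\quad \left(\frac{p}{q}\right) = +1$$

or

$$p \equiv 1 \pmod 4 \quad\text{and}\quad \left(\frac{p}{q}\right) = -1$$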

Accordingly, if $q = 7$ and $\left(\frac{7}{p}\right)$ is to be $+1$, then $p$ must satisfy

$$x \equiv 1 \pmod 4$$

and one of the congruences

$$x \equiv 1, 2, 4 \pmod 7$$

giving $p \equiv 1, 9, 25 \pmod{28}$, or $p$ satisfies the congruence

$$x \equiv 3 \pmod 4$$

and one of

$$x \equiv 3, 5, 6 \pmod 7$$

with the result that $p \equiv 3, 19, 27 \pmod{28}$. Hence, 7 is a quadratic residue of all primes of the form $28k + 1$, $28k + 3$, $28k + 9$, $28k + 19$, $28k + 25$, and $28k + 27$. In like manner we find that 7 is a quadratic nonresidue of all primes of the form $28k + 5$, $28k + 11$, $28k + 13$, $28k + 15$, $28k + 17$, and $28k + 23$.

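Now suppose that the given integer is of the form $2q$ with the prime $q = 4n + 1$. Then $\left(\frac{2q}{p}\right) = \left(\frac{2}{p}\right)\left(\frac{q}{p}\right) = (-1)^{(p^2-1)/8}\left(\frac{p}{q}\right)$. If $2q$ is to be a quadratic residue of $p$, it follows that either

$$p \equiv \pm 1 \pmod 8 \quad\text{and}\quad \left(\frac{p}{q}\right) = +1$$

or

$$p \equiv \pm 3 \pmod 8 \quad\text{and}\quad \left(\frac{p}{q}\right) = -1$$

If either

$$p \equiv \pm 1 \pmod 8 \quad\text{and}\quad \left(\frac{p}{q}\right) = -1$$

or

$$p \equiv \pm 3 \pmod 8 \quad\text{and}\quad \left(\frac{p}{q}\right) = +1$$

then $2q$ is a quadratic nonresidue of $p$.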

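When the given integer is of the form $2q$ with the prime $q = 4n + 3$, it is evident that $\left(\frac{2q}{p}\right) = (-1)^{(p^2-1)/8}\left(\frac{q}{p}\right)$. But $\left(\frac{q}{p}\right) = (-1)^{(p-1)/2}\left(\frac{p}{q}\right)$, so that $\left(\frac{2q}{p}\right) = (-1)^{(p^2+4p-5)/8}\left(\frac{p}{q}\right)$. The exponent $(p^2 + 4p - 5)/8$ is even if and only if $p \equiv 1, 3 \pmod 8$. Hence, $\left(\frac{2q}{p}\right)$ will be $+1$ when either

$$p \equiv 1, 3 \pmod 8 \quad\text{and}\quad \left(\frac{p}{q}\right) = +1$$

or when

$$p \equiv 5, 7 \pmod 8 \quad\text{and}\quad \left(\frac{p}{q}\right) = -1$$

The conditions for $\left(\frac{2q}{p}\right)$ to be $-1$ are now obvious.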
Finally, let us suppose that the given integer is the product of two odd primes $q_1$ and $q_2$ with $q_1 = 4n + 1$ and $q_2 = 4s + 3$. Then $\left(\frac{q_1 q_2}{p}\right) = \left(\frac{q_1}{p}\right)\left(\frac{q_2}{p}\right)$. By combining the first two cases it is clear that the primes $p$ determined by those of which both $q_1$ and $q_2$ are quadratic residues are characterized by the following statements:

1. They satisfy $x \equiv 1 \pmod 2$.

2. They are quadratic residues of $q_1$.

3. They satisfy $x \equiv 1 \pmod 4$ and are quadratic residues of $q_2$, or they satisfy $x \equiv 3 \pmod 4$ and are quadratic nonresidues of $q_2$.

There are also primes $p$ described by the conditions:

1. They satisfy $x \equiv 1 \pmod 2$.

2. They are quadratic nonresidues of $q_1$.

3. They satisfy $x \equiv 3 \pmod 4$ and are quadratic residues of $q_2$, or they satisfy $x \equiv 1 \pmod 4$ and are quadratic nonresidues of $q_2$.

Examples. 1. Find the odd primes of which 14 is a quadratic residue.

If 14 is to be a quadratic residue of the odd prime $p$, then $p$ must satisfy two congruences selected in the manner already exhibited from each one of the following sets:

$$x \equiv 1, 3 \pmod 8$$
$$x \equiv 1, 2, 4 \pmod 7$$

and

$$x \equiv 5, 7 \pmod 8$$
$$x \equiv 3, 5, 6 \pmod 7$$

From the first set we find that $p \equiv 1, 9, 11, 25, 43, 51 \pmod{56}$, and from the second, $p \equiv 5, 13, 31, 45, 47, 55 \pmod{56}$.

2. Find the odd primes of which 35 is a quadratic residue.

$\left(\frac{35}{p}\right) = \left(\frac{5}{p}\right)\left(\frac{7}{p}\right)$, and both symbols must be $+1$ or both $-1$ for $\left(\frac{35}{p}\right)$ to be $+1$. Hence, $p$ satisfies one of the congruences

$$x \equiv \pm 1 \pmod{10}$$

and one of

$$x \equiv 1, 3, 9, 19, 25, 27 \pmod{28}$$

giving $p \equiv 1, 9, 19, 29, 31, 59, 81, 109, 111, 121, 131, 139 \pmod{140}$, or $p$ satisfies one of the congruences

$$x \equiv 3, 7 \pmod{10}$$

and one of

$$x \equiv 5, 11, 13, 15, 17, 23 \pmod{28}$$

with the result that $p \equiv 13, 17, 23, 33, 43, 67, 73, 97, 107, 117, 123, 127 \pmod{140}$.
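The residue classes found in the examples above can be checked numerically. The following Python sketch is an added example, not part of the original text; `residue_classes` and its helpers are names chosen here. It sorts the odd primes below a bound by their class modulo a given modulus and keeps the classes in which the integer is a quadratic residue, using Euler's criterion rather than the reciprocity law, so that the two methods check each other.

```python
"""Residue classes of the odd primes p of which a given integer is a quadratic residue."""


def primes_up_to(limit):
    """Sieve of Eratosthenes: all primes <= limit."""
    sieve = bytearray([1]) * (limit + 1)
    sieve[0:2] = b"\x00\x00"
    for i in range(2, int(limit ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i :: i] = bytearray(len(range(i * i, limit + 1, i)))
    return [n for n, flag in enumerate(sieve) if flag]


def legendre(a, p):
    """Legendre symbol (a/p) for an odd prime p not dividing a (Euler's criterion)."""
    return 1 if pow(a % p, (p - 1) // 2, p) == 1 else -1


def residue_classes(a, modulus, limit=5000):
    """Classes r mod `modulus` such that a is a quadratic residue of every
    odd prime p <= limit with p = r (mod modulus) and p not dividing a.

    Raises ValueError if (a/p) is not constant on some class, which would
    mean the modulus is too coarse to describe the primes in question.
    """
    symbol_of_class = {}
    for p in primes_up_to(limit):
        if p == 2 or a % p == 0:
            continue
        symbol = legendre(a, p)
        cls = p % modulus
        if symbol_of_class.setdefault(cls, symbol) != symbol:
            raise ValueError(f"(a/p) is not constant on the class {cls} mod {modulus}")
    return sorted(c for c, s in symbol_of_class.items() if s == 1)


if __name__ == "__main__":
    for a, modulus in [(5, 10), (7, 28), (14, 56), (35, 140)]:
        print(f"{a} is a quadratic residue of primes p = "
              f"{residue_classes(a, modulus)} (mod {modulus})")
```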

EXERCISES 

1.  Evaluate:  (^),  (^),  (|),  (|)- 

2. Is there a solution of $x^2 \equiv 21 \pmod{41}$?

3.  Find  the  values  of  q  for  which  (A)   =  +  1. 

4.  Find  the  primes  of  which  11  is  a  quadratic  residue. 

5.  Find  the  primes  of  which  6  is  a  quadratic  nonresidue. 

6. Prove that 10 is a quadratic residue of all primes $p \equiv 1, 3, 9, 13, 27, 31, 37, 39 \pmod{40}$.

7.  Prove  that  —3  is  a  quadratic  residue  of  all  primes  of  the  form  6n  +  1  and  a 
quadratic  nonresidue  of  primes  of  the  form  6n  —  1. 

8.  Find  the  primes  of  which  15  is  a  quadratic  residue. 

9. Show that a quadratic residue of an odd prime $p$ is also a quadratic residue of $p^n$.

10. Prove that there are infinitely many primes of the form $4n + 1$. (Assume the number of these primes is finite and use them to construct an integer $4t^2 + 1$. Consider the form of the prime factors of this integer.)

11. Show that there is an infinite number of primes of the form $8n + 1$.

12. Prove that 3 is a primitive root of every prime of the form $2^{2^n} + 1$ by considering the quadratic character of 3 with respect to such a prime.

9-5. The Jacobi Symbol. Let $P = p_1 p_2 \cdots p_r$, where the $p_i$, with $i = 1, 2, \ldots, r$, are positive odd primes, not necessarily distinct. Then if $m$ is any integer prime to $P$, the Jacobi symbol $\left(\frac{m}{P}\right)$ is defined in the following manner:

$$\left(\frac{m}{P}\right) = \left(\frac{m}{p_1}\right)\left(\frac{m}{p_2}\right)\cdots\left(\frac{m}{p_r}\right)$$

where the symbols to the right of the equality sign are Legendre symbols.

When $P = p_1 p_2 \cdots p_r$ and $Q = q_1 q_2 \cdots q_s$, with the $p_i$ and $q_j$, where $j = 1, 2, \ldots, s$, positive odd primes, the properties of the Jacobi symbol are expressed by the following theorems:

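Theorem 9-10. If $m$ is prime to both the positive odd integers $P$ and $Q$, $\left(\frac{m}{PQ}\right) = \left(\frac{m}{P}\right)\left(\frac{m}{Q}\right)$.

Applying the definition given above, $\left(\frac{m}{PQ}\right) = \left(\frac{m}{p_1}\right)\left(\frac{m}{p_2}\right)\cdots\left(\frac{m}{p_r}\right)\left(\frac{m}{q_1}\right)\left(\frac{m}{q_2}\right)\cdots\left(\frac{m}{q_s}\right)$. But $\left(\frac{m}{P}\right) = \left(\frac{m}{p_1}\right)\cdots\left(\frac{m}{p_r}\right)$ and $\left(\frac{m}{Q}\right) = \left(\frac{m}{q_1}\right)\cdots\left(\frac{m}{q_s}\right)$, and therefore $\left(\frac{m}{P}\right)\left(\frac{m}{Q}\right) = \left(\frac{m}{PQ}\right)$.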

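Theorem 9-11. If $m$ and $n$ are prime to the positive odd integer $P$, $\left(\frac{mn}{P}\right) = \left(\frac{m}{P}\right)\left(\frac{n}{P}\right)$.

$\left(\frac{mn}{P}\right) = \left(\frac{mn}{p_1}\right)\left(\frac{mn}{p_2}\right)\cdots\left(\frac{mn}{p_r}\right)$. But the Legendre symbol $\left(\frac{mn}{p_i}\right) = \left(\frac{m}{p_i}\right)\left(\frac{n}{p_i}\right)$. Hence, $\left(\frac{mn}{P}\right) = \left(\frac{m}{p_1}\right)\left(\frac{n}{p_1}\right)\left(\frac{m}{p_2}\right)\left(\frac{n}{p_2}\right)\cdots\left(\frac{m}{p_r}\right)\left(\frac{n}{p_r}\right) = \left(\frac{m}{P}\right)\left(\frac{n}{P}\right)$.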

Theorem 9-12. If $m$ and $n$ are prime to the positive odd integer $P$ and if $m \equiv n \pmod P$, then $\left(\frac{m}{P}\right) = \left(\frac{n}{P}\right)$.

Because $m \equiv n \pmod P$ implies that $m \equiv n \pmod{p_i}$, where $i = 1, 2, \ldots, r$, the theorem follows immediately from the definition of the Jacobi symbol.


Theorem 9-13. If $P$ is a positive odd integer, $\left(\frac{-1}{P}\right) = (-1)^{(P-1)/2}$.

According to the definition $\left(\frac{-1}{P}\right) = \left(\frac{-1}{p_1}\right)\left(\frac{-1}{p_2}\right)\cdots\left(\frac{-1}{p_r}\right) = (-1)^{\sum [(p_i - 1)/2]}$, where $i = 1, 2, \ldots, r$. But $P = p_1 p_2 \cdots p_r = \{1 + (p_1 - 1)\}\{1 + (p_2 - 1)\}\cdots\{1 + (p_r - 1)\}$, and thus

$$P = 1 + \sum_{i=1}^{r} (p_i - 1) + \sum_{\substack{i,k=1 \\ i<k}}^{r} (p_i - 1)(p_k - 1) + \cdots + \prod_{i=1}^{r} (p_i - 1)$$

But $p_i - 1 \equiv 0 \pmod 2$, so that $P \equiv 1 + \sum_{i=1}^{r} (p_i - 1) \pmod 4$. Hence, $\frac{P-1}{2} \equiv \sum_{i=1}^{r} \frac{p_i - 1}{2} \pmod 2$. Therefore, $\left(\frac{-1}{P}\right) = (-1)^{(P-1)/2}$.

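Theorem 9-14. If $P$ is a positive odd integer, $\left(\frac{2}{P}\right) = (-1)^{(P^2-1)/8}$.

$$P^2 = \{1 + (p_1^2 - 1)\}\{1 + (p_2^2 - 1)\}\cdots\{1 + (p_r^2 - 1)\} = 1 + \sum_{i=1}^{r} (p_i^2 - 1) + \sum_{\substack{i,k=1 \\ i<k}}^{r} (p_i^2 - 1)(p_k^2 - 1) + \cdots + \prod_{i=1}^{r} (p_i^2 - 1)$$

But since $p_i^2 - 1 \equiv 0 \pmod 8$, it follows that $P^2 \equiv 1 + \sum_{i=1}^{r} (p_i^2 - 1) \pmod{64}$, and $\frac{P^2 - 1}{8} \equiv \sum_{i=1}^{r} \frac{p_i^2 - 1}{8} \pmod 8$. Hence, $\left(\frac{2}{P}\right) = (-1)^{(P^2-1)/8}$.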

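Theorem 9-15. If $P$ and $Q$ are positive, relatively prime odd integers, $\left(\frac{P}{Q}\right)\left(\frac{Q}{P}\right) = (-1)^{\frac{P-1}{2}\cdot\frac{Q-1}{2}}$.

Since $\left(\frac{P}{Q}\right) = \left(\frac{p_1}{Q}\right)\left(\frac{p_2}{Q}\right)\cdots\left(\frac{p_r}{Q}\right) = \left(\frac{p_1}{q_1}\right)\left(\frac{p_1}{q_2}\right)\cdots\left(\frac{p_r}{q_s}\right)$, factoring $\left(\frac{Q}{P}\right)$ in like manner and forming the pairs $\left(\frac{p_i}{q_j}\right)\left(\frac{q_j}{p_i}\right)$, we find

$$\left(\frac{P}{Q}\right)\left(\frac{Q}{P}\right) = (-1)^{\sum_{i,j} \frac{p_i - 1}{2}\cdot\frac{q_j - 1}{2}}$$

where $i = 1, 2, \ldots, r$ and $j = 1, 2, \ldots, s$.

For a fixed $j$, $\sum_{i=1}^{r} (p_i - 1)(q_j - 1) = (q_j - 1)\sum_{i=1}^{r} (p_i - 1)$. But we saw that $\sum_{i=1}^{r} (p_i - 1) \equiv P - 1 \pmod 4$, and because $q_j - 1$ is even, it is evident that

$$(q_j - 1)\sum_{i=1}^{r} (p_i - 1) \equiv (P - 1)(q_j - 1) \pmod 8$$

Therefore,

$$\sum_{i,j} (p_i - 1)(q_j - 1) = \sum_{j} \Bigl\{(q_j - 1)\sum_{i} (p_i - 1)\Bigr\}$$
$$\equiv \sum_{j} (P - 1)(q_j - 1) \pmod 8$$
$$\equiv (P - 1)\sum_{j} (q_j - 1) \pmod 8$$

Because $P - 1$ is even, $(P - 1)\sum_{j} (q_j - 1) \equiv (P - 1)(Q - 1) \pmod 8$. Hence,

Therefore,

$$\left(\frac{P}{Q}\right)\left(\frac{Q}{P}\right) = (-1)^{\frac{P-1}{2}\cdot\frac{Q-1}{2}}$$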


According to the definition of the Jacobi symbol, $\left(\frac{m}{P}\right)$ is $+1$ when all $\left(\frac{m}{p_i}\right) = +1$ or when an even number are $-1$. In the first case the congruences

$$x^2 \equiv m \pmod{p_i} \qquad i = 1, 2, \ldots, r \qquad (6)$$

have a solution for each $p_i$, and consequently there is a solution of

$$x^2 \equiv m \pmod P \qquad (7)$$

But in the second case the congruences (6) fail to have a solution for certain $p_i$, and therefore (7) has no solution. Hence, if the Jacobi symbol $\left(\frac{m}{P}\right) = +1$, we have a necessary but not a sufficient condition that $m$ be a quadratic residue of $P$. However, if $\left(\frac{m}{P}\right) = -1$, it is evident that congruence (7) has no solution.

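Let us take some examples to illustrate the differences in the use of the Jacobi and the Legendre symbols. Consider the congruence $x^2 \equiv 135 \pmod{173}$ in which 135 and 173 are odd and relatively prime. Using Jacobi symbols, we find $\left(\frac{135}{173}\right)\left(\frac{173}{135}\right) = +1$ and $\left(\frac{173}{135}\right) = \left(\frac{38}{135}\right) = \left(\frac{2}{135}\right)\left(\frac{19}{135}\right)$. But $\left(\frac{135}{19}\right) = \left(\frac{2}{19}\right) = -1$, so that $\left(\frac{19}{135}\right) = +1$, and $\left(\frac{2}{135}\right) = +1$. Therefore, $\left(\frac{135}{173}\right) = +1$. Since 173 is a prime, this is a Legendre symbol and we can conclude that there is a solution of the congruence.

Since 173 is a prime, we can, moreover, solve the problem by using only Legendre symbols. Thus $\left(\frac{135}{173}\right) = \left(\frac{3^2}{173}\right)\left(\frac{3}{173}\right)\left(\frac{5}{173}\right)$. But $\left(\frac{3}{173}\right)\left(\frac{173}{3}\right) = +1$, and $\left(\frac{173}{3}\right) = \left(\frac{2}{3}\right) = -1$. Hence, $\left(\frac{3}{173}\right) = -1$. Furthermore, $\left(\frac{5}{173}\right)\left(\frac{173}{5}\right) = +1$. But $\left(\frac{173}{5}\right) = \left(\frac{3}{5}\right) = -1$, and so $\left(\frac{5}{173}\right) = -1$. Hence, $\left(\frac{135}{173}\right) = +1$, and therefore the given congruence has a solution.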

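Now consider the congruence $x^2 \equiv 21 \pmod{253}$, where 253 is not a prime. In this case $\left(\frac{21}{253}\right)\left(\frac{253}{21}\right) = +1$, and $\left(\frac{253}{21}\right) = \left(\frac{1}{21}\right) = +1$. Hence, $\left(\frac{21}{253}\right) = +1$, but this is a Jacobi symbol, and we can reach no conclusion as to the existence of a solution of the congruence. However, $\left(\frac{21}{253}\right) = \left(\frac{21}{11}\right)\left(\frac{21}{23}\right)$, and since $\left(\frac{21}{11}\right) = \left(\frac{10}{11}\right) = -1$, there is no solution of $x^2 \equiv 21 \pmod{11}$. Hence, there is no solution of the given congruence.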
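The reduction used in the examples above (Theorems 9-11 to 9-15) gives a procedure for the Jacobi symbol that never factors $P$. The following Python sketch is an added example, not part of the original text; the function names are chosen here, and returning 0 when $m$ and $P$ share a factor is the usual convention rather than something defined above. The brute-force search shows on the two moduli of the text why $+1$ is conclusive for the prime 173 but not for $253 = 11 \cdot 23$.

```python
"""Jacobi symbol by reciprocity, compared with an exhaustive search for square roots."""


def jacobi(m, P):
    """Jacobi symbol (m/P) for a positive odd integer P.

    Uses (2/P) = (-1)^((P^2-1)/8)  [Theorem 9-14],
    (m/P)(P/m) = (-1)^(((m-1)/2)((P-1)/2))  [Theorem 9-15]
    and reduction of the numerator modulo the denominator [Theorem 9-12].
    Returns 0 when gcd(m, P) > 1 (convention assumed here).
    """
    if P <= 0 or P % 2 == 0:
        raise ValueError("P must be a positive odd integer")
    m %= P
    sign = 1
    while m != 0:
        while m % 2 == 0:                 # strip factors of 2 from the numerator
            m //= 2
            if P % 8 in (3, 5):           # (2/P) = -1 exactly when P = +-3 (mod 8)
                sign = -sign
        m, P = P, m                       # reciprocity: invert the symbol
        if m % 4 == 3 and P % 4 == 3:     # sign changes only if both are 3 (mod 4)
            sign = -sign
        m %= P
    return sign if P == 1 else 0


def has_square_root(m, P):
    """True if x^2 = m (mod P) has a solution (exhaustive search, small P only)."""
    target = m % P
    return any((x * x) % P == target for x in range(P))


def classify(m, P):
    """Return (Jacobi symbol, whether the congruence x^2 = m (mod P) is solvable)."""
    return jacobi(m, P), has_square_root(m, P)


if __name__ == "__main__":
    # Moduli and residues taken from the worked examples in the text.
    for m, P in [(135, 173), (21, 253), (21, 11), (21, 23), (33, 89), (67, 89)]:
        symbol, solvable = classify(m, P)
        print(f"({m}/{P}) = {symbol:+d}   x^2 = {m} (mod {P}) solvable: {solvable}")
```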

EXERCISES 

1. Apply both Jacobi and Legendre symbols to determine whether or not the congruence $x^2 \equiv 35 \pmod{71}$ has a solution.

2.  Evaluate  the  following  symbols  and  interpret  the  results :  (  q=  J  >  (  r^ry  )  >  (  ^rz  )  • 

3. Use Legendre symbols to determine all the quadratic residues of 41.

9-6. The Solution of $x^2 \equiv a \pmod{2^n}$. It is evident that if $(a, 2) = 1$, the congruence $x^2 \equiv a \pmod 2$ has the solution $x \equiv 1 \pmod 2$, but if $(a, 2) = 1$, the congruence $x^2 \equiv a \pmod 4$ has a solution if and only if $a \equiv 1 \pmod 4$, in which case there are two solutions 1 and 3 modulo 4.

Theorem 9-16. If $n \ge 3$ and $x^2 \equiv a \pmod{2^n}$ has a solution, then $a \equiv 1 \pmod 8$.

Suppose $x_0$ satisfies the congruence. Then $x_0^2 \equiv a \pmod{2^n}$, and therefore $x_0^2 \equiv a \pmod 8$. But $x_0$ is odd, and its square is, therefore, congruent to 1 modulo 8. Hence, $a \equiv 1 \pmod 8$.

Theorem 9-17. If $a \equiv 1 \pmod 8$, there are exactly four distinct solutions modulo $2^n$, where $n \ge 3$, of the congruence $x^2 \equiv a \pmod{2^n}$.

We shall first show by induction that the congruence $x^2 \equiv a \pmod{2^n}$ with $a \equiv 1 \pmod 8$ has a solution. We know that under the given condition $x^2 \equiv a \pmod 8$ has a solution. Assuming that, for a given $k$, $x^2 \equiv a \pmod{2^k}$ is satisfied by $x_0$, we infer that $x_0^2 - a = 2^k h$. We, therefore, wish to determine $t$ so that $x_0 + 2^{k-1}t$ satisfies $x^2 \equiv a \pmod{2^{k+1}}$, that is, so that

$$(x_0 + 2^{k-1}t)^2 \equiv a \pmod{2^{k+1}}$$
$$x_0^2 - a + 2^k x_0 t + 2^{2k-2} t^2 \equiv 0 \pmod{2^{k+1}}$$
$$2^k (h + x_0 t) \equiv 0 \pmod{2^{k+1}}$$

and finally

$$h + x_0 t \equiv 0 \pmod 2$$

Because this congruence always has a solution, there is a value of $t$ for which $x_0 + 2^{k-1}t$ satisfies $x^2 \equiv a \pmod{2^{k+1}}$. Thus the congruence $x^2 \equiv a \pmod{2^n}$ has a solution if $a \equiv 1 \pmod 8$.

But whenever $x^2 \equiv a \pmod{2^n}$, where $n \ge 3$, has one solution $x \equiv x_1 \pmod{2^n}$, it has exactly four solutions, for suppose that $x_1$ and $x_2$ satisfy the congruence. Then

$$x_1^2 \equiv x_2^2 \pmod{2^n}$$

and

$$(x_1 - x_2)(x_1 + x_2) \equiv 0 \pmod{2^n}$$

and because both $x_1$ and $x_2$ are odd,

$$\frac{x_1 - x_2}{2}\cdot\frac{x_1 + x_2}{2} \equiv 0 \pmod{2^{n-2}}$$

However, $[(x_1 - x_2)/2] + [(x_1 + x_2)/2] = x_1$, and therefore one of $(x_1 - x_2)/2$ and $(x_1 + x_2)/2$ is odd. As a result, the other is divisible by $2^{n-2}$. Hence, one of the congruences $(x_1 \pm x_2)/2 \equiv 0 \pmod{2^{n-2}}$ holds. Therefore, $x_2 \equiv x_1 \pmod{2^{n-1}}$, or $x_2 \equiv -x_1 \pmod{2^{n-1}}$. But when $x_1$ satisfies $x^2 \equiv a \pmod{2^n}$, $-x_1$ does also. Consequently, all four integers $\pm x_1$, $\pm x_1 + 2^{n-1}$ satisfy $x^2 \equiv a \pmod{2^n}$, and they are incongruent modulo $2^n$.

But there are exactly four solutions of $x^2 \equiv a \pmod{2^n}$, for $a$ must be congruent to 1 modulo $2^3$, and thus $a$ has just $2^{n-3}$ distinct values modulo $2^n$. Therefore, the $2^{n-1}$ odd positive integers less than $2^n$ separate into $2^{n-3}$ sets of four such that all four integers in a set satisfy one and only one of the $2^{n-3}$ congruences $x^2 \equiv a \pmod{2^n}$ determined by the permissible values of $a$.

Example. In the case of $x^2 \equiv a \pmod{16}$, $a$ can have only the values 1 and 9 modulo 16. The solutions of $x^2 \equiv 1 \pmod{16}$ are 1, 7, 9, and 15 modulo 16, and those of $x^2 \equiv 9 \pmod{16}$ are 3, 5, 11, and 13 modulo 16.
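The induction step in the proof of Theorem 9-17 is constructive. The following Python sketch is an added example, not part of the original text, with function names chosen here: it starts from $x_0 = 1$ modulo 8, picks $t$ from $h + x_0 t \equiv 0 \pmod 2$ at each step, and then lists the four solutions $\pm x_1$, $\pm x_1 + 2^{n-1}$.

```python
"""Solutions of x^2 = a (mod 2^n), n >= 3, by the lifting step of Theorem 9-17."""


def lift_square_root(a, n):
    """Return one x with x^2 = a (mod 2^n), assuming a = 1 (mod 8) and n >= 3."""
    x = 1                                   # 1^2 = a (mod 8) because a = 1 (mod 8)
    for k in range(3, n):
        # Invariant: x^2 = a (mod 2^k), so x^2 - a = 2^k * h exactly.
        h = (x * x - a) >> k
        # Need h + x*t = 0 (mod 2); x is odd, so t has the parity of h.
        t = h & 1
        x += t << (k - 1)                   # x0 + 2^(k-1) t solves the congruence mod 2^(k+1)
    return x


def solutions_mod_power_of_two(a, n):
    """All solutions of x^2 = a (mod 2^n) for n >= 3, as a sorted list.

    Empty when a is not congruent to 1 modulo 8 (Theorem 9-16);
    otherwise exactly four residues (Theorem 9-17).
    """
    if n < 3:
        raise ValueError("this routine treats n >= 3 only")
    modulus = 1 << n
    a %= modulus
    if a % 8 != 1:
        return []
    x1 = lift_square_root(a, n)
    half = modulus >> 1                     # 2^(n-1)
    return sorted({x1 % modulus, -x1 % modulus,
                   (x1 + half) % modulus, (-x1 + half) % modulus})


if __name__ == "__main__":
    for a, n in [(1, 4), (9, 4), (17, 6), (41, 7), (3, 5)]:
        print(f"x^2 = {a} (mod 2^{n}): {solutions_mod_power_of_two(a, n)}")
```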

EXERCISE 

First find the values that $a$ can have in order that there be a solution of $x^2 \equiv a \pmod{64}$, and then find all the solutions of these congruences.


CHAPTER  10 
SOME  FAMOUS  PROBLEMS 


10-1.  The  Waring  Problem.  In  1770  Waring  published  the  statement 
that  every  positive  integer  is  a  sum  of  not  more  than  4  squares,  not  more 
than  9  cubes,  not  more  than  19  fourth  powers.  He  gave  no  proof  of  his 
assertion  and  may  have  had  only  calculations  to  support  it,  but  the 
problem  implied  by  his  statement  has  ever  since  challenged  the  best 
mathematicians  and  has  been  only  recently  solved.  It  is  generally 
agreed  that  Waring  meant  to  imply  that  for  every  positive  integer  k  there 
exists  a  smallest  positive  integer  g(k)  such  that  any  positive  integer  n  can 
be expressed as a sum of at most $g(k)$ positive $k$th powers.*

Certain results connected with this problem of representing a positive integer as a sum of like powers of integers had long been conjectured even though not much progress in proving them was made until the eighteenth century. Fermat, for instance, was much interested in the theorem that every prime of the form $4n + 1$ can be expressed as a sum of two squares and, barring the use of negative integers, in but one way. Thus $5 = 1^2 + 2^2$, and $13 = 2^2 + 3^2$. It remained for Euler, however, to demonstrate the theorem satisfactorily. Moreover, that any integer $n$ is a sum of two squares if and only if it has the form $n = 2^t a^2 P$, with $t \ge 0$ and $P$ a product of different primes of the form $4s + 1$, had been determined in the seventeenth century. Again, mathematicians had asserted that any integer not of the form $4^r(8s + 7)$ is expressible as a sum of three squares and that integers of this form fail to be expressible as such a sum. Furthermore, by 1770 Lagrange had proved that every integer is a sum of at most four squares.

From the time Waring enunciated his theorem, it took 139 years to prove that every integer is a sum of at most nine cubes. Although Liouville proved in 1859 that there exists a smallest integer $g(4)$ such that every $n$ is a sum of at most $g(4)$ fourth powers, still it has not yet been proved that in this case $g(4)$ actually is 19. In 1909 Hilbert proved the general theorem that for each $k$ there exists a positive integer $g(k)$, independent of $n$, such that every integer $n$ is a sum of at most $g(k)$ $k$th powers, but his proof merely shows the existence of algebraic identities for determining $g(k)$ and sheds no light on the actual value of $g(k)$. Since then Hardy and Littlewood have developed by analytical means a formula that determines an upper bound for $g(k)$ for every $k$.

* G. H. Hardy, "Some Famous Problems of the Theory of Numbers."

From these few remarks we can obtain some idea of the magnitude of this problem, and certainly a perusal of a few of the original proofs will give an appreciation of the ingenious adaptation of the tools of the theory of functions of a complex variable to the problems of the integers. We are not concerned here with the presentation of any of these powerful methods, but we shall give two of Euler's* proofs that every prime of the form $4n + 1$ can be represented uniquely as a sum of two squares and then reproduce a proof, due to Euler and Lagrange,† that uses only the ideas of the classical theory of numbers to show that every integer can be expressed as a sum of at most four squares.

Let us recognize first that the identity

$$(a^2 + b^2)(c^2 + d^2) = (ac \pm bd)^2 + (ad \mp bc)^2$$

expresses the product of two sums of squares as a sum of two squares. For instance, $(2^2 + 1^2)(3^2 + 2^2) = 8^2 + 1^2 = 4^2 + 7^2$. We notice, however, that $(2^2 + 1)(2^2 + 1) = 5^2 + 0^2 = 3^2 + 4^2$, and so in this case the formula gives but one representation of the product as a sum of two positive squares. Does the formula ever fail to give at least one solution when $(a, b) = 1$ and $(c, d) = 1$? In this case $ac = bd$, and $ad = bc$. But if $ac = bd$, then $a = d$ and $b = c$, and so the two given sums are identical. If $ad = bc$ as well, then $a^2 = b^2 = 1$. Hence, in the single case $(1 + 1)(1 + 1) = 2^2 + 0$, the formula fails to give a sum of two positive squares.

It is also apparent that when $(a, b) = 1$ and $(c, d) = 1$, the squares in the expression for the result of the product need not be relatively prime, for example, $(8^2 + 1^2)(9^2 + 2^2) = 70^2 + 25^2$. On the other hand, if $(ac \pm bd, ad \mp bc) = 1$, then $(a, b) = 1$ and $(c, d) = 1$, for if $(a, b) = k$, or if $(c, d) = k$, it is clear that $k$ divides both $ac \pm bd$ and $ad \mp bc$.

Euler's first proof of the fact that a prime of the form $4n + 1$ can be represented as a sum of two squares is a little cumbersome, but it is instructive to study it and to compare it with the second, more elegant proof which Euler published about 25 years later. The second proof exemplifies the enormous improvement in the directness of the presentation that a mathematician often attains when the initial proof is reviewed.

Lemma 10-1a. If a prime $p = c^2 + d^2$, and if there is a $q > 1$ such that $pq = a^2 + b^2$ with $(a, b) = 1$, then $q$ is a sum of two relatively prime squares.

* L. E. Dickson, "History of the Theory of Numbers," Vol. 2, pp. 230-231.
† Ibid., Vol. 2, p. 281.

If the prime $p = c^2 + d^2$, then $(c, d) = 1$, and if $pq = a^2 + b^2$, we have

$$c^2(a^2 + b^2) - a^2(c^2 + d^2) = c^2 pq - a^2 p = mp$$

But

$$c^2(a^2 + b^2) - a^2(c^2 + d^2) = b^2c^2 - a^2d^2 = (bc - ad)(bc + ad)$$

Consequently, the prime $p$ divides at least one of $bc - ad$ and $bc + ad$. Moreover, $bc - ad \ne 0$, for if $bc = ad$, then $a = c$ and $b = d$. Under these conditions $p$ and $pq$ would not be distinct. If $bc - ad = tp$, let

$$b = tc + r$$

and

$$a = -td + s$$

Then

$$cr = bc - tc^2$$

and

$$ds = ad + td^2$$

so that

$$cr - ds = bc - ad - t(c^2 + d^2) = 0$$

Hence,

$$cr = ds, \qquad r = dn \quad\text{and}\quad s = cn$$

But if $bc + ad = kp$, the equations

$$b = kc + r$$

and

$$a = kd + s$$

give

$$cr = bc - kc^2$$

and

$$ds = ad - kd^2$$

Hence,

$$cr + ds = bc + ad - k(c^2 + d^2) = 0$$

and

$$cr = -ds$$

In this case

$$r = dn \quad\text{and}\quad s = -cn$$

In the first case

$$pq = a^2 + b^2 = (-td + cn)^2 + (tc + dn)^2 = (t^2 + n^2)(c^2 + d^2) = p(t^2 + n^2)$$

and in the second

$$pq = (kd - cn)^2 + (kc + dn)^2 = (k^2 + n^2)(c^2 + d^2) = p(k^2 + n^2)$$

Therefore, $q$ is a sum of two positive squares. These squares are relatively prime if $(a, b) = 1$, for if in the first case $(t, n) = u$, the equations $b = tc + dn$, $a = -td + cn$ show that $u$ divides both $a$ and $b$. Likewise, $(k, n) = 1$ in the second case.

Lemma 10-2a. If $PQ$ is a sum of two relatively prime squares and $Q$ is not a sum of two relatively prime squares, then $P$ has a prime factor that is not a sum of two squares.

Consider Lemma 10-1a, and let $P = p_1 p_2 \cdots p_k$, where each prime $p_i$, with $i = 1, 2, \ldots, k$, is a sum of two squares. Then $p_1(p_2 \cdots p_k Q) = PQ$ is a sum of two relatively prime squares, and it follows immediately that $p_2 \cdots p_k Q$ is a sum of two relatively prime squares. By repeating this process, we find that $Q$ is a sum of two relatively prime squares. We must conclude, then, that if $PQ$ is a sum of two relatively prime squares and $Q$ is not, $P$ must have a prime factor that is not a sum of two squares.

Lemma 10-3a. If a prime $p$ divides $a^2 + b^2$, where $(a, b) = 1$, then $p$ is a sum of two squares.

Let the prime $p$ divide $a^2 + b^2$ with $(a, b) = 1$, and suppose that $p$ is not a sum of two squares. Set

$$a = mp \pm r_1 \qquad 0 < r_1 < \frac{p}{2}$$

and

$$b = np \pm r_2 \qquad 0 < r_2 < \frac{p}{2}$$

Then

$$r_1^2 + r_2^2 = a^2 + b^2 + kp = Qp < \frac{p^2}{2}$$

Any common divisor of $r_1$ and $r_2$ must divide $Q$, and thus the last equation can be reduced to $a_1^2 + b_1^2 = Pp$, with $(a_1, b_1) = 1$. According to Lemma 10-2a, it is now evident that $P$ has a prime factor $p_1$ that is not a sum of two squares, and furthermore, $p_1 < p/2$. Using the fact that $p_1$ divides $a_1^2 + b_1^2$, we can repeat this process. The method, therefore, always produces a sum of two relatively prime squares, $a_i^2 + b_i^2 < (p_{i-1}^2)/2$, which has a prime factor $p_i < p_{i-1}$ that is not a sum of two squares. But this statement is contrary to fact, for the prime factors of all sums of two sufficiently small relatively prime squares are themselves a sum of two squares. ($3^2 + 2^2 = 13$, $3^2 + 1^2 = 10$, $2^2 + 1^2 = 5$, $1^2 + 1^2 = 2$.) Consequently, the prime factor $p$ of $a^2 + b^2$ must be a sum of two squares.

Theorem 10-1. Every prime of the form $4n + 1$ is a sum of two squares in just one way.

The integer $-1$ is a quadratic residue of all primes of the form $4n + 1$. Hence, there is an integer $a$ such that $a^2 \equiv -1 \pmod{p}$, where $p = 4n + 1$. It is immediately evident that $p$ divides $a^2 + 1$, and accordingly $p$ is expressible as a sum of two squares.

Now suppose that $p = a^2 + b^2 = c^2 + d^2$, where it is evident that, of each of the pairs $a$ and $b$, $c$ and $d$, one integer is even while the other is odd. Then

$$a^2 - c^2 = d^2 - b^2$$

and

$$(a - c)(a + c) = (d - b)(d + b)$$

Let $(a - c, d - b) = r$, so that $a - c = rm$ and $d - b = rn$, with $(m, n) = 1$. Therefore,

$$m(a + c) = n(d + b)$$

Hence, if we let $(a + c, d + b) = s$, we have

$$a + c = ns \qquad \text{and} \qquad d + b = ms$$

If $a$ and $c$ are both even or both odd, it is clear that $r$ is even, and so is $s$. But if only one of $a$ and $c$ is even, then $r$ is odd, and so is $s$. In the latter case both $m$ and $n$ are also odd. Moreover,

$$(r^2 + s^2)(m^2 + n^2) = m^2r^2 + m^2s^2 + n^2r^2 + n^2s^2 = (a - c)^2 + (d + b)^2 + (d - b)^2 + (a + c)^2$$

Hence, the integer

$$\frac{(r^2 + s^2)(m^2 + n^2)}{4} = \frac{a^2 + b^2}{2} + \frac{c^2 + d^2}{2} = p$$

Thus, if $r$ and $s$ are even, $p$ has been factored into the integers $(r^2 + s^2)/4$ and $m^2 + n^2$, both of which are greater than 1. But if $r$ and $s$ are odd, $r$ and $s$ cannot both be 1, nor can both $m$ and $n$ be 1, for in either case $a = d$ and $b = c$. Consequently, when $r$ and $s$ are odd, $p$ is equal to the product of the integers $(r^2 + s^2)/2$ and $(m^2 + n^2)/2$, neither of which is 1. Since such a factorization is impossible, we must conclude that the prime $p = 4n + 1$ has a unique representation as a sum of two squares.

Let us start the second proof of Theorem 10-1 with the statement that since $-1$ is a quadratic residue of every prime of the form $4n + 1$, there are integers $a$ and $m$ that satisfy the equation $a^2 + 1 = mp$. The fact that $a$ is a quadratic residue of $p$ means that $a$ can be chosen positive and not greater than $(p - 1)/2$. Consequently, $a^2 + 1 < (p^2/4) + 1$. But $(p^2/4) + 1 < p^2$. Thus $mp < p^2$, and $m < p$. Hence, it is true that there are integers $a$ and $b$, with $(a, b) = 1$ and $0 < a, b \le (p - 1)/2$, which satisfy the equation $a^2 + b^2 = mp$, $m$ being an integer in the interval $1 \le m < p$. If $m > 1$, we shall show that we can produce a positive integer $m_1 < m$ such that $m_1 p$ is a sum of two squares.

Set $a = q_1 m + r_1$ and $b = q_2 m + r_2$, with $|r_1|$ and $|r_2|$ not greater than $m/2$. As a result

$$a^2 + b^2 = r_1^2 + r_2^2 + m^2(q_1^2 + q_2^2) + 2m(r_1 q_1 + r_2 q_2) \tag{1}$$

and

$$mp = r_1^2 + r_2^2 + mK$$

so that

$$r_1^2 + r_2^2 = m_1 m$$

But

$$r_1^2 + r_2^2 < 2\left(\frac{m}{2}\right)^2$$

for not both $|r_1|$ and $|r_2|$ can be $m/2$ because $(a, b) = 1$. Hence,

$$m_1 m < \frac{m^2}{2}$$

and

$$m_1 < m$$

Applying the identity exhibited just before Lemma 10-1a, we have

$$(r_1^2 + r_2^2)(q_1^2 + q_2^2) = (r_1 q_1 + r_2 q_2)^2 + (r_1 q_2 - r_2 q_1)^2$$

or

$$m m_1 (q_1^2 + q_2^2) = s^2 + t^2 \tag{2}$$

where

$$s = r_1 q_1 + r_2 q_2 \qquad \text{and} \qquad t = r_1 q_2 - r_2 q_1$$

Recalling Eq. (1), we observe that

$$mp = m_1 m + m^2(q_1^2 + q_2^2) + 2ms$$

and

$$p = m_1 + m(q_1^2 + q_2^2) + 2s$$

Therefore,

$$m_1 p = m_1^2 + m_1 m(q_1^2 + q_2^2) + 2m_1 s$$

and, according to (2),

$$m_1 p = m_1^2 + s^2 + t^2 + 2m_1 s$$

or

$$m_1 p = (m_1 + s)^2 + t^2$$

Hence, it is clear that upon the assumption that $m > 1$ we have constructed another integer $m_1 < m$ such that $m_1 p$ is a sum of two squares. We must conclude, therefore, that $m = 1$.

The unicity of this representation of the prime $p = 4n + 1$ was proved at the end of the first proof of Theorem 10-1.
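The descent of the second proof can be carried out numerically. The Python below is an added example, not part of the original text: it follows the quantities $r_1, r_2, q_1, q_2, m_1, s, t$ of the proof step by step. The function names are illustrative, and obtaining the starting value $a$ from a quadratic nonresidue by Euler's criterion is an assumption of this example, not a step taken from the proof.

```python
def sqrt_of_minus_one(p):
    """Return a with a*a ≡ -1 (mod p) and 0 < a <= (p-1)/2, for a prime p = 4n + 1."""
    if p % 4 != 1:
        raise ValueError("p must be a prime of the form 4n + 1")
    for t in range(2, p):
        # Euler's criterion: t is a quadratic nonresidue when t^((p-1)/2) ≡ -1 (mod p).
        if pow(t, (p - 1) // 2, p) == p - 1:
            a = pow(t, (p - 1) // 4, p)      # then a^2 = t^((p-1)/2) ≡ -1 (mod p)
            return min(a, p - a)
    raise ValueError("no quadratic nonresidue found; p is not prime")


def centered(x, m):
    """Residue of x modulo m whose absolute value is not greater than m/2."""
    return (x + m // 2) % m - m // 2


def descent(p):
    """Yield (a, b, m) with a*a + b*b == m*p at every stage; the last stage has m == 1."""
    a, b = sqrt_of_minus_one(p), 1
    m = (a * a + b * b) // p
    yield a, b, m
    while m > 1:
        r1, r2 = centered(a, m), centered(b, m)      # a = q1*m + r1, b = q2*m + r2
        q1, q2 = (a - r1) // m, (b - r2) // m
        m1 = (r1 * r1 + r2 * r2) // m                # r1^2 + r2^2 = m1*m, with m1 < m
        s = r1 * q1 + r2 * q2
        t = r1 * q2 - r2 * q1
        a, b, m = abs(m1 + s), abs(t), m1            # m1*p = (m1 + s)^2 + t^2
        yield a, b, m


def two_squares(p):
    """The representation p = a^2 + b^2 with a <= b, unique by Theorem 10-1."""
    *_, (a, b, _m) = descent(p)
    return tuple(sorted((a, b)))


if __name__ == "__main__":
    for stage in descent(10009):
        print(stage)
```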

Recalling that the even prime $2 = 1^2 + 1^2$, we shall now proceed to the second problem stated above by showing in the following steps that any odd prime can be expressed as a sum of four squares or fewer:

Lemma 10-1b (Euler's Identity).

$$(x_1^2 + x_2^2 + x_3^2 + x_4^2)(y_1^2 + y_2^2 + y_3^2 + y_4^2) = (x_1y_1 + x_2y_2 + x_3y_3 + x_4y_4)^2 + (x_1y_2 - x_2y_1 + x_3y_4 - x_4y_3)^2 + (x_1y_3 - x_3y_1 + x_4y_2 - x_2y_4)^2 + (x_1y_4 - x_4y_1 + x_2y_3 - x_3y_2)^2$$

If $i$ has the usual meaning, $\sqrt{-1}$, this identity can be proved by finding the following product of two determinants whose values are $x_1^2 + x_2^2 + x_3^2 + x_4^2$ and $y_1^2 + y_2^2 + y_3^2 + y_4^2$:

$$\begin{vmatrix} x_1 + ix_2 & x_3 + ix_4 \\ -x_3 + ix_4 & x_1 - ix_2 \end{vmatrix} \cdot \begin{vmatrix} y_1 - iy_2 & -y_3 - iy_4 \\ y_3 - iy_4 & y_1 + iy_2 \end{vmatrix} = \begin{vmatrix} A - iB & C - iD \\ -C - iD & A + iB \end{vmatrix} = A^2 + B^2 + C^2 + D^2$$

where

$$\begin{aligned} A &= x_1y_1 + x_2y_2 + x_3y_3 + x_4y_4 \\ B &= x_1y_2 - x_2y_1 + x_3y_4 - x_4y_3 \\ C &= x_1y_3 - x_3y_1 + x_4y_2 - x_2y_4 \\ D &= x_1y_4 - x_4y_1 + x_2y_3 - x_3y_2 \end{aligned}$$

Lemma 10-2b. If $p$ is an odd prime, there exists an integer $t$, where $1 \le t < p$, such that $tp = x_1^2 + x_2^2 + x_3^2 + x_4^2$.

Let $x_i$, where $i = 0, 1, 2, \ldots, (p - 1)/2$, represent the integers that lie in the interval $0 \le x_i \le (p - 1)/2$. There are then $(p + 1)/2$ values of $x_i^2$, and no two of these values are congruent modulo $p$, for if $x_i^2 \equiv x_j^2 \pmod{p}$, where $i \neq j$ and $j = 0, 1, 2, \ldots, (p - 1)/2$, it follows that $(x_i - x_j)(x_i + x_j) \equiv 0 \pmod{p}$. Hence, at least one of $x_i - x_j$ and $x_i + x_j$ would be divisible by $p$, which is impossible because each is less than $p$.

Again, let $y_i$ represent the integers in the same interval and form the numbers $-1 - y_i^2$. These integers are also incongruent modulo $p$, for if $-1 - y_i^2 \equiv -1 - y_j^2 \pmod{p}$, where $i \neq j$, then $y_i^2 - y_j^2 \equiv 0 \pmod{p}$, and we have seen that this congruence is impossible.

Because the $x_i^2$ and $-1 - y_i^2$ taken together form a set of $p + 1$ integers, two of them must be congruent modulo $p$. Therefore, some $x_i^2$ must be congruent to a particular $-1 - y_j^2$. Calling these integers $x^2$ and $-1 - y^2$, respectively, we have

$$x^2 \equiv -1 - y^2 \pmod{p}$$

and

$$x^2 + y^2 + 1^2 + 0^2 \equiv 0 \pmod{p}$$

so that $x^2 + y^2 + 1^2 + 0^2 = tp$, where $t$ is a positive integer.

Moreover, $x^2 < p^2/4$, and $y^2 < p^2/4$. Therefore, $(p^2/4) + (p^2/4) + 1 > tp$, and $(p^2/2) + 1 > tp$. However, since $p^2 > 2$, it is evident that $2p^2 > p^2 + 2$, and $p^2 > (p^2/2) + 1$. Hence, $p^2 > (p^2/2) + 1 > tp$, which shows that $p > t$. As a result, $1 \le t < p$.

Lemma 10-3b. If $p$ is an odd prime and $t$ is the least positive integer such that $tp = x_1^2 + x_2^2 + x_3^2 + x_4^2$, then $t$ is odd.

Suppose that $t$ is even and that $x_1^2 + x_2^2 + x_3^2 + x_4^2 = tp$. Then the $x_i$, where $i = 1, 2, 3, 4$, are (1) all even, (2) all odd, or (3) two are even and two are odd. In any of these cases the $x_i$ can be grouped in pairs so that $x_1 + x_2 \equiv 0 \pmod{2}$ and $x_3 + x_4 \equiv 0 \pmod{2}$. Hence, $(x_1 + x_2)/2$ and $(x_3 + x_4)/2$ are integers, and so are $(x_1 - x_2)/2$ and $(x_3 - x_4)/2$. Therefore,

$$\left(\frac{x_1 + x_2}{2}\right)^2 + \left(\frac{x_1 - x_2}{2}\right)^2 + \left(\frac{x_3 + x_4}{2}\right)^2 + \left(\frac{x_3 - x_4}{2}\right)^2 = \frac{x_1^2}{2} + \frac{x_2^2}{2} + \frac{x_3^2}{2} + \frac{x_4^2}{2} = \frac{t}{2}\,p$$

Thus there is an integer $t/2$ smaller than $t$ and such that $tp/2$ is a sum of four squares. Consequently, $t$ must be odd.

Lemma 10-4b. If $p$ is an odd prime and if the least positive integer $t$, less than $p$, satisfying the condition $tp = x_1^2 + x_2^2 + x_3^2 + x_4^2$ is not 1, then there exists a positive integer $s$ less than $t$ and such that $st = y_1^2 + y_2^2 + y_3^2 + y_4^2$.

Choose $y_i$, where $i = 1, 2, 3, 4$, so that $y_i \equiv x_i \pmod{t}$, and let $|y_i| < t/2$. Then $y_i^2 \equiv x_i^2 \pmod{t}$, and

$$\sum_{i=1}^{4} y_i^2 \equiv \sum_{i=1}^{4} x_i^2 \pmod{t}$$

Hence,

$$\sum_{i=1}^{4} y_i^2 \equiv tp \equiv 0 \pmod{t}$$

Therefore, $y_1^2 + y_2^2 + y_3^2 + y_4^2 = st$. The integer $s$ is not 0 or each $y_i$ would be 0, and then each $x_i$ would be divisible by $t$. In this case $t^2$ would divide $tp$, and $t$ would divide $p$. Hence, $t$ would be 1. Moreover, since $|y_i| < t/2$, it follows that $y_i^2 < t^2/4$ and $\sum_{i=1}^{4} y_i^2 < t^2$. Hence, $st < t^2$, and $s < t$. Consequently, $1 \le s < t$.



Theorem 10-2. Every odd prime is a sum of at most four positive squares.

If $p = 3$, observe that $3 = 1^2 + 1^2 + 1^2$.

If $p > 3$, multiply corresponding members of the equations

$$x_1^2 + x_2^2 + x_3^2 + x_4^2 = tp \qquad 3 \le t < p$$
$$y_1^2 + y_2^2 + y_3^2 + y_4^2 = st \qquad 1 \le s < t$$

developed in the preceding lemmas. Remember that $t$ is the least positive integer satisfying the first equation. We find upon applying Euler's identity that

$$t^2sp = (x_1y_1 + x_2y_2 + x_3y_3 + x_4y_4)^2 + (x_1y_2 - x_2y_1 + x_3y_4 - x_4y_3)^2 + (x_1y_3 - x_3y_1 + x_4y_2 - x_2y_4)^2 + (x_1y_4 - x_4y_1 + x_2y_3 - x_3y_2)^2 \tag{3}$$

But since $y_i \equiv x_i \pmod{t}$,

$$x_1y_1 + x_2y_2 + x_3y_3 + x_4y_4 \equiv x_1^2 + x_2^2 + x_3^2 + x_4^2 = tp \equiv 0 \pmod{t}$$

Also,

$$x_1y_2 - x_2y_1 + x_3y_4 - x_4y_3 \equiv x_1x_2 - x_1x_2 + x_3x_4 - x_3x_4 \equiv 0 \pmod{t}, \ldots$$

It is apparent, therefore, that $t^2$ divides each of the four squares in the right-hand member of (3) and that $sp$, with $s < t$, is a sum of four squares. But this conclusion contradicts the fact that $t$ was chosen the least positive integer such that $tp$ is a sum of four squares. Hence, $t = 1$, and the theorem is proved.

Theorem 10-3. Every integer is a sum of at most four positive squares.

Upon factoring the given integer into primes, the theorem follows immediately from Euler's identity.

It may also be added that we must use at least four positive squares to express some integers as a sum of squares, for we shall show that no integer that is congruent to 7 for the modulus 8 can be a sum of three squares.

Suppose that $x_1^2 + x_2^2 + x_3^2 = n$. Not all the $x_i$, where $i = 1, 2, 3$, can be even, nor can just one be, for $n = 8k + 7$ is odd. But if all the $x_i$ are odd so that $x_i^2 \equiv 1 \pmod{8}$, then $x_1^2 + x_2^2 + x_3^2 \equiv 3 \pmod{8}$. Finally, if two of the $x_i$ are even and one is odd, $x_1^2 + x_2^2 + x_3^2 \equiv 1 \pmod{8}$ or $x_1^2 + x_2^2 + x_3^2 \equiv 5 \pmod{8}$. Consequently, a sum of three squares cannot be equal to any integer that is congruent to 7 modulo 8.
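Lemmas 10-1b through 10-4b and Theorems 10-2 and 10-3 together describe a procedure that can be executed. The Python below is an added example, not part of the original text: it finds a multiple $tp$ as in Lemma 10-2b, lowers $t$ with the halving of Lemma 10-3b and the Euler-identity step of Theorem 10-2, and then combines prime factors as in Theorem 10-3. The function names and the use of trial division for factoring are choices of this example.

```python
def euler_product(x, y):
    """Euler's identity (Lemma 10-1b): four integers whose squares sum to
    (x1^2 + x2^2 + x3^2 + x4^2) * (y1^2 + y2^2 + y3^2 + y4^2)."""
    x1, x2, x3, x4 = x
    y1, y2, y3, y4 = y
    return (x1 * y1 + x2 * y2 + x3 * y3 + x4 * y4,
            x1 * y2 - x2 * y1 + x3 * y4 - x4 * y3,
            x1 * y3 - x3 * y1 + x4 * y2 - x2 * y4,
            x1 * y4 - x4 * y1 + x2 * y3 - x3 * y2)


def initial_multiple(p):
    """Lemma 10-2b: (x, y, 1, 0) with x^2 + y^2 + 1 ≡ 0 (mod p), 0 <= x, y <= (p-1)/2."""
    half = (p - 1) // 2
    square_of = {x * x % p: x for x in range(half + 1)}
    for y in range(half + 1):
        x = square_of.get((-1 - y * y) % p)
        if x is not None:
            return (x, y, 1, 0)
    raise ValueError("p must be an odd prime")


def halve(x):
    """Lemma 10-3b: from four squares summing to t*p with t even, get (t/2)*p."""
    a, b, c, d = sorted(x, key=lambda v: v % 2)   # pairs (a, b), (c, d) share parity
    return ((a + b) // 2, (a - b) // 2, (c + d) // 2, (c - d) // 2)


def prime_four_squares(p):
    """Four integers (zeros allowed) whose squares sum to the prime p."""
    if p == 2:
        return (1, 1, 0, 0)
    x = initial_multiple(p)
    t = sum(v * v for v in x) // p
    while t > 1:
        if t % 2 == 0:
            x = halve(x)
        else:
            # Lemma 10-4b: y_i ≡ x_i (mod t) with |y_i| < t/2, so sum(y_i^2) = s*t, s < t.
            y = tuple((v + t // 2) % t - t // 2 for v in x)
            # Theorem 10-2: every term of Euler's product is divisible by t.
            x = tuple(z // t for z in euler_product(x, y))
        t = sum(v * v for v in x) // p
    return x


def four_squares(n):
    """Theorem 10-3: factor n by trial division and combine with Euler's identity."""
    rep, d = (1, 0, 0, 0), 2
    while n > 1:
        if d * d > n:
            d = n                                  # what remains is prime
        while n % d == 0:
            rep = euler_product(rep, prime_four_squares(d))
            n //= d
        d += 1
    return tuple(sorted(abs(v) for v in rep))


if __name__ == "__main__":
    for n in (7, 23, 2024):
        print(n, four_squares(n))
```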

EXERCISES

1. Prove that integers of the form $4^r(8n + 7)$ with $r$ and $n \ge 0$ cannot be expressed as a sum of three squares.

2. Write $(x_1^2 + x_2^2 + x_3^2 + x_4^2)^2$ as a sum of three squares. What does the result prove?

10-2. The Equation $x^2 + y^2 = z^2$. From the point of view of the theory of numbers the solution of the Pythagorean triangle means the determining of formulas for expressing all triplets of positive integral values that satisfy the equation $x^2 + y^2 = z^2$. When $x, y, z$ is a solution of this equation, it is evident that $kx, ky, kz$ is also a solution. We shall, therefore, confine ourselves to the solutions, called primitive solutions, in which the values $x, y, z$ are relatively prime. This restriction together with the equation implies that $x, y, z$ are relatively prime in pairs, for a common divisor of any two of them divides the third. We infer, then, that two of these integers cannot be even. But neither can both the integers $x$ and $y$ be odd, for the square of an odd integer has the form $8n + 1$, and thus the sum of two odd squares is divisible by 2 but not by 4. Consequently, one of $x$ and $y$ is even, and the other is odd. Let $x = 2u$. Then $y$ and $z$ are odd, and $x^2 = 4u^2 = z^2 - y^2 = (z + y)(z - y)$. However, $(z + y) + (z - y) = 2z$, and therefore any common divisor of $z + y$ and $z - y$ divides $2z$. But a divisor greater than 1 of $z$ cannot divide $z + y$. Hence, 2 is the greatest common divisor of $z + y$ and $z - y$. Therefore, let $z + y = 2v^2$ and $z - y = 2w^2$, where $(v, w) = 1$. Then $4u^2 = (2v^2)(2w^2)$, and $x = 2u = 2vw$. By adding the members of $z + y = 2v^2$ and $z - y = 2w^2$, we find, furthermore, that $z = v^2 + w^2$ and $y = v^2 - w^2$. Moreover, because $(y, z) = 1$, one of the integers $v, w$ is even, while the other is odd.

If $(v, w) = 1$ and one is even, while the other is odd, and $k$ is an arbitrary integer, the substitution of

$$x = 2kvw \qquad y = k(v^2 - w^2) \qquad z = k(v^2 + w^2)$$

in the given equation makes it clear that the equation is actually satisfied by these values. They, therefore, form the general solution of $x^2 + y^2 = z^2$ except for the fact that the values of $x$ and $y$ may be interchanged. Hence, we have proved that:

Theorem 10-4. If $k$ is an arbitrary integer, the solutions of $x^2 + y^2 = z^2$ are $x = 2kvw$, $y = k(v^2 - w^2)$, and $z = k(v^2 + w^2)$ for all integers $v$ and $w$ so chosen that $(v, w) = 1$ and one is even, while the other is odd.
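Theorem 10-4 can be checked against an exhaustive search. The Python below is an added example, not part of the original text: it generates solutions from $v$, $w$, and $k$ as in the theorem and compares them with every solution found by brute force up to a bound. The function names and the bound are choices of this example.

```python
from math import gcd, isqrt


def primitive_triples(limit):
    """Primitive solutions (x, y, z) with z <= limit from Theorem 10-4 with k = 1:
    x = 2vw, y = v^2 - w^2, z = v^2 + w^2, (v, w) = 1, one of v, w even."""
    found = set()
    for v in range(2, isqrt(limit) + 1):
        for w in range(1, v):
            if (v - w) % 2 == 1 and gcd(v, w) == 1:
                x, y, z = 2 * v * w, v * v - w * w, v * v + w * w
                if z <= limit:
                    found.add((x, y, z))
    return found


def all_triples(limit):
    """All solutions with z <= limit: each primitive solution multiplied by k >= 1.
    Results are stored as (smaller side, larger side, hypotenuse), since the
    theorem leaves x and y interchangeable."""
    return {(k * min(x, y), k * max(x, y), k * z)
            for x, y, z in primitive_triples(limit)
            for k in range(1, limit // z + 1)}


def brute_force(limit):
    """Every (x, y, z) with 0 < x <= y, x^2 + y^2 = z^2 and z <= limit, by search."""
    out = set()
    for x in range(1, limit):
        for y in range(x, limit):
            z = isqrt(x * x + y * y)
            if z <= limit and z * z == x * x + y * y:
                out.add((x, y, z))
    return out


def is_primitive(triple):
    x, y, z = triple
    return gcd(gcd(x, y), z) == 1


if __name__ == "__main__":
    print(sorted(primitive_triples(100), key=lambda t: t[2]))
    print(all_triples(100) == brute_force(100))
```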


EXERCISES

1. Express 21, 31, and 39 as a sum of squares.

2. Solve each of the equations $x^2 + y^2 = 169$, $x^2 + y^2 = 625$, and $x^2 + y^2 = 2704$.

3. Is there an isosceles right triangle whose three sides are integers?

4. Find expressions for the sides of all integral right triangles whose hypotenuse is one greater than a side.

5. Show that if $x^2 + y^2 = 2z^2$, then $x = k(v^2 + 2vw - w^2)$, $y = \pm k(v^2 - 2vw - w^2)$, $z = k(v^2 + w^2)$, where $k$ is an arbitrary integer, $(v, w) = 1$ and one of $v$ and $w$ is even, while the other is odd.

10-3. Fermat's Last Theorem. About 1637 Fermat stated that there is no solution in positive integers of the equation $x^n + y^n = z^n$ if $n > 2$. This theorem is known as Fermat's last theorem, and about it he wrote, "I have discovered a truly remarkable proof but this margin is too small to contain it." To this day mathematicians have been baffled by the statement, for they have been able neither to prove nor to disprove the general theorem. The equations $(x^m)^4 + (y^m)^4 = (z^m)^4$ and $(x^m)^p + (y^m)^p = (z^m)^p$ show that the proof can be broken up into the cases in which $n = 4$ and $n$ is an odd prime. In 1747 Euler published a proof, which we shall reproduce below, that there is no solution in the first case. No proof for every odd prime has been discovered although by 1857 Kummer had shown the impossibility of solving the equation if $n < 100$. It was Kummer's reflection on his own error made in attempting to prove this theorem, as well as the misconceptions of Cauchy and Lamé, that led to his invention of the theory of ideals. With this new tool he and other mathematicians were able to set up various conditions for the insolvability of the equation. H. S. Vandiver* has given a complete account of the present status of the problem, including his own recent contributions toward its solution and his conjectures as to its truth.

Theorem 10-5. There is no solution in positive integers of the equation $x^4 + y^4 = z^2$.

The method we shall use in proving this theorem is a neat example of Fermat's method of infinite descent. We shall assume that there are integers that satisfy the equation and shall show that under this condition there must always be another set having a smaller $z$. It is evident that if there is a solution of the equation in which the integers $x, y, z$ are not relatively prime in pairs, then there is another in which the restriction holds. We shall assume, therefore, that $x$, $y$, and $z$ are prime each to each. Then $(x^2)^2 + (y^2)^2 = z^2$, so that according to Theorem 10-4 we have $x^2 = a^2 - b^2$, $y^2 = 2ab$, and $z = a^2 + b^2$, with $(a, b) = 1$, and where we may choose $a$ odd and $b$ even. Because $y^2 = a(2b)$, it follows that $a = u^2$ and $2b = v^2$. But $a^2 = x^2 + b^2$. Therefore, $a = r^2 + s^2$, and $b = 2rs$ with $(r, s) = 1$. Hence, $2b = 4rs = v^2$, and $r = x_1^2$, $s = y_1^2$. Thus $x_1^4 + y_1^4 = u^2$, and, furthermore, $1 < u < a < z$. Thus there is a set of integers with a smaller $z$ that satisfies the given equation. It is impossible that this always be so, and consequently there is no solution of $x^4 + y^4 = z^2$.

Corollary. There is no solution in positive integers of the equation $x^4 + y^4 = z^4$.

10-4.  The  Area  of  an  Integral  Right  Triangle 

Theorem  10-6.  If  the  sides  of  a  right  triangle  are  integers,  the  area 
cannot  be  a  perfect  square. 

* Am. Math. Monthly, Vol. 53, No. 10, pp. 555-578, 1946; ibid., Vol. 60, No. 3, pp. 164-167, 1953.

We shall develop the proof of this theorem as another example of Fermat's method of infinite descent, using basically the very method he outlined in the marginal notes of his copy of Bachet's edition of Diophantus's "Arithmetica."*

* Dickson, op. cit., Vol. 2, p. 615.

If $x$, $y$, and $z$ are the sides of a right triangle, again restricting ourselves to the case where these integers are relatively prime in pairs, let $x = 2ab$, $y = a^2 - b^2$, $z = a^2 + b^2$, where $a$ and $b$ are relatively prime and one is even, the other odd. Then the area of this triangle, which we assume is a perfect square, is $A = ab(a^2 - b^2) = r^2$. Since $(a, b) = 1$, the integers $a$, $b$, and $a^2 - b^2$ are relatively prime in pairs, and each is, therefore, a perfect square. Let $a = m^2$, $b = n^2$, $a^2 - b^2 = k^2$. But $a + b$ and $a - b$ are also relatively prime; so let

$$a + b = m^2 + n^2 = u^2$$

and

$$a - b = m^2 - n^2 = v^2$$

As a result

$$2m^2 = u^2 + v^2$$

and

$$2n^2 = u^2 - v^2 = (u - v)(u + v)$$

Thus $(u, v) = 1$, and the last equation shows that $u - v$ and $u + v$ are even integers. Hence, $n$ is even, and $2n^2 = 8q^2 = (u - v)(u + v)$. Therefore, one of the integers $\frac{u - v}{2}$, $\frac{u + v}{2}$ is even. Accordingly, let either

$$\frac{u - v}{2} = 2s^2 \qquad \text{and} \qquad \frac{u + v}{2} = t^2$$

or

$$\frac{u - v}{2} = t^2 \qquad \text{and} \qquad \frac{u + v}{2} = 2s^2$$

Then

$$2n^2 = 8s^2t^2$$

and

$$n^2 = 4s^2t^2$$

Furthermore, in the first case

$$u = 2s^2 + t^2 \qquad \text{and} \qquad v = t^2 - 2s^2$$

and in the second

$$u = 2s^2 + t^2 \qquad \text{and} \qquad v = 2s^2 - t^2$$

But $m^2 = v^2 + n^2 = t^4 - 4s^2t^2 + 4s^4 + 4s^2t^2 = (t^2)^2 + (2s^2)^2$. Thus $m$ is the hypotenuse of a right triangle in which $t^2$ and $2s^2$ are the arms. But notice that since $z = a^2 + b^2$ and $a = m^2$, it follows that $z > a > m$, so that the hypotenuse of the new triangle is smaller than that of the original. Moreover, the area $A_1$ of the new triangle is the integer $s^2t^2 = (u^2 - v^2)/8$, and the area of the original triangle is

$$A = ab(a^2 - b^2) = \left(\frac{u^2 + v^2}{2}\right)\left(\frac{u^2 - v^2}{2}\right)(u^2v^2)$$

But 

(g.  +  y  -  p.)  >  ^^  for  +  >  i 

4  o 

The  assumption  of  the  existence  of  a  triangle  whose  sides  are  integers 
and  whose  area  is  a  perfect  square  has  led  to  the  conclusion  that  a  triangle 
having  these  properties  but  of  smaller  area  and  shorter  hypotenuse  must 
also  exist.  Thus  there  would  always  be  a  smaller  triangle  of  this  kind, 
and  that  is  impossible.  We  must  conclude  that  such  a  triangle  cannot 
exist. 

On the basis of the last theorem it is easy to show that the following statement is true:

Theorem 10-7. There are no integers that satisfy the set of equations $x^2 + y^2 = z^2$, $x^2 - y^2 = w^2$.

If both $p^2 + q^2 = m^2$ and $p^2 - q^2 = n^2$, consider the right triangle whose sides are $2p^2q^2$, $p^4 - q^4$, and $p^4 + q^4$. Hence, the area is

$$p^2q^2(p^4 - q^4) = p^2q^2m^2n^2$$

But we have shown that if the sides are integers, the area cannot be a perfect square. Consequently, there is no solution in integers of the given set of equations.

10-5. The Generalized Wilson Theorem

Theorem 10-8. The product of the positive integers less than $m$ and prime to $m$ is congruent to $-1$ modulo $m$ if $m = 4$, $p^n$, or $2p^n$ with $p$ an odd prime, but the product is congruent to $+1$ modulo $m$ for all other moduli.

If $m = 4$, the product $1 \cdot 3 \equiv -1 \pmod{4}$.

If $m = p^n$, let $t$ be a quadratic nonresidue of the odd prime $p$, and let $a_i$, where $i = 1, 2, \ldots, \phi(p^n)$, be the least positive integers forming a reduced residue system modulo $p^n$. Then, for each $a_i$, the congruence $a_i x \equiv t \pmod{p^n}$ has a solution $x \equiv a_j \pmod{p^n}$ from the set of the $a_i$, and each integer $a_i$ is thus paired with an $a_j$ distinct from the $a_i$ modulo $p^n$, for $a_i^2 \not\equiv t \pmod{p}$. The integers $a_i$ are, therefore, separated into $\phi(p^n)/2$ pairs, and if $P$ is the product of these pairs,

$$P \equiv t^{\phi(p^n)/2} \pmod{p^n}$$

But $t^{(p-1)/2} \equiv -1 \pmod{p}$, and hence

$$\left(t^{(p-1)/2}\right)^{p^{n-1}} = (-1 + kp)^{p^{n-1}}$$

and

$$t^{p^{n-1}(p-1)/2} = -1 + Mp^n$$

Therefore,

$$t^{\phi(p^n)/2} \equiv -1 \pmod{p^n}$$

and

$$P \equiv -1 \pmod{p^n}$$

If $m = 2p^n$, let $s$ be a quadratic nonresidue modulo $p$, and let $t$ satisfy both of the congruences

$$x \equiv s \pmod{p}$$
$$x \equiv 1 \pmod{2}$$

Therefore, $t$ is an odd quadratic nonresidue of $2p^n$, for if $x^2 \equiv t \pmod{2p^n}$ had a solution, then $t \equiv s \pmod{p}$ would be a quadratic residue of $p$. The congruences $a_i x \equiv t \pmod{2p^n}$ now pair the positive integers $a_i$, where $i = 1, 2, \ldots, \phi(2p^n)$, that are less than $2p^n$ and prime to $2p^n$. If $P$ represents the product of these pairs, we find that

$$P \equiv t^{\phi(2p^n)/2} \pmod{2p^n}$$

But $t^{(p-1)/2} \equiv -1 \pmod{p}$, and thus $t^{\phi(p^n)/2} \equiv -1 \pmod{p^n}$. However, $t$ is odd, and $\phi(2p^n) = \phi(p^n)$. Therefore, $P \equiv -1 \pmod{2p^n}$.

If $m = 2^u$, where $u > 2$, then $-1$ is a quadratic nonresidue of $2^u$. Hence, the congruences $a_i x \equiv -1 \pmod{2^u}$, where the $a_i$ range through the positive integers less than $2^u$ and prime to 2, separate these integers into $2^{u-2}$ pairs. In this case, therefore, if $P$ again represents the product of these pairs, $P \equiv (-1)^{2^{u-2}} \equiv +1 \pmod{2^u}$.

When $m = 2$, moreover, the above congruence is obviously true.

Finally, suppose that $m$ contains at least two distinct odd primes as factors or at least one odd prime and the factor $2^u$ with $u > 1$. Let $m = 2^u p_1^{n_1} p_2^{n_2} \cdots p_r^{n_r}$. Let $s$ be a quadratic nonresidue modulo $p_1$, and let $t$ satisfy both the congruences

$$x \equiv s \pmod{p_1}$$
$$x \equiv 1 \pmod{2p_2p_3 \cdots p_r}$$

Then $t$ is a quadratic nonresidue of $m$. Again, if the $a_i$, where $i = 1, 2, \ldots, \phi(m)$, are the positive integers less than $m$ and prime to $m$, then the congruences $a_i x \equiv t \pmod{m}$ pair the $a_i$ and, as before, the product $P$ of the $a_i$ is such that

$$P \equiv t^{\phi(m)/2} \pmod{m}$$

But $t^{(p_1 - 1)/2} \equiv -1 \pmod{p_1}$, and $t^{\phi(p_1^{n_1})/2} \equiv -1 \pmod{p_1^{n_1}}$. However, since $\phi(p_i^{n_i})$ is even and $\phi(m) = \phi(p_1^{n_1})\phi(p_2^{n_2}) \cdots \phi(p_r^{n_r})$,

$$t^{\phi(m)/2} \equiv +1 \pmod{p_1^{n_1}}$$

Moreover, $t = 1 + 2p_2p_3 \cdots p_r k$, so that $t^{\phi(m)/2} = (1 + 2p_2p_3 \cdots p_r k)^{\phi(m)/2}$, and $t^{\phi(m)/2} \equiv +1 \pmod{p_2^{n_2} p_3^{n_3} \cdots p_r^{n_r}}$. Furthermore, $t^{2^{u-1}} \equiv +1 \pmod{2^u}$, and thus $t^{\phi(m)/2} \equiv +1 \pmod{2^u}$. Therefore, $t^{\phi(m)/2} \equiv +1 \pmod{m}$, and $P \equiv +1 \pmod{m}$.
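Both the statement of Theorem 10-8 and the pairing used throughout its proof can be verified by direct computation. The Python below is an added example, not part of the original text: it compares the product of the reduced residues with the value the theorem predicts, and it forms the pairs $a_i x \equiv t \pmod{m}$ for a quadratic nonresidue $t$ of $m$. The function names are illustrative, and $t$ is taken here as the least nonresidue found by search, an assumption of this example, not the particular $t$ constructed in the proof.

```python
from math import gcd


def units(m):
    """The positive integers less than m and prime to m."""
    return [a for a in range(1, m) if gcd(a, m) == 1]


def unit_product(m):
    """Product of the reduced residues modulo m, reduced modulo m."""
    prod = 1
    for a in units(m):
        prod = prod * a % m
    return prod


def is_odd_prime_power(n):
    """True when n = p^k for an odd prime p and k >= 1."""
    if n < 3 or n % 2 == 0:
        return False
    p = next(d for d in range(3, n + 1, 2) if n % d == 0)   # least divisor > 1 is prime
    while n % p == 0:
        n //= p
    return n == 1


def predicted(m):
    """Theorem 10-8: m - 1 (that is, -1) for m = 4, p^n, 2p^n; otherwise +1."""
    special = (m == 4 or is_odd_prime_power(m)
               or (m % 2 == 0 and is_odd_prime_power(m // 2)))
    return m - 1 if special else 1


def pairing(m):
    """For m > 2, pair each unit a with the solution x of a*x ≡ t (mod m), where t
    is a quadratic nonresidue of m, so that no unit is paired with itself."""
    us = units(m)
    squares = {a * a % m for a in us}
    t = next(a for a in us if a not in squares)
    pairs = {frozenset((a, t * pow(a, -1, m) % m)) for a in us}
    return t, pairs


if __name__ == "__main__":
    for m in (4, 8, 9, 15, 18, 27, 50):
        t, pairs = pairing(m)
        print(m, unit_product(m), predicted(m), t, len(pairs))
```

The modular inverse `pow(a, -1, m)` requires Python 3.8 or later.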

10-6. The Pellian Equation. The equation $x^2 - by^2 = 1$, in which $b$ is a positive integer that is not a square, is known as the Pellian equation, but it should really be called Fermat's equation, for it was he who proposed the problem of finding its integral solutions. As a matter of fact the problem is a very old one, having been solved in the Middle Ages by the Hindus. We have but an outline of Fermat's proof showing that the equation is satisfied by an infinite number of pairs of integers all of which can be obtained from a particular pair, but a proof was also found conjointly by Wallis and Lord Brouncker and was published in 1658. Both Euler and Lagrange contributed to the further development of the problem. The following argument is based upon that devised by Dirichlet:

Lemma 10-1c. If $a$ is any real, irrational number and $m > 0$ is an integer, then there exist integers $r$ and $s$ such that $0 < |r - sa| < 1/m$ and $0 < s \le m$.

Let $x$ have the values $0, 1, 2, \ldots, m$, and determine corresponding integral values of $y$ so that $0 < y - xa \le 1$ by taking $y = [xa] + 1$. There are, then, $m + 1$ values of $y - xa$ that lie in the interval from 0 to 1, excluding 0 but including 1. Separate this interval into $m$ equal parts, the first one extending from, but not including, 0 up to and including $1/m$; the second, extending from, but not including, $1/m$ up to and including $2/m$; .... At least two of the $m + 1$ values determined for $y - xa$ lie in one of these $m$ intervals. Suppose that these values are $y_1 - x_1 a$ and $y_2 - x_2 a$ with $x_2 > x_1$. Then

$$|(y_2 - x_2 a) - (y_1 - x_1 a)| < \frac{1}{m}$$

or

$$|(y_2 - y_1) - (x_2 - x_1)a| < \frac{1}{m}$$

But the difference cannot be 0, for $x_1 \neq x_2$. Hence, if $r = y_2 - y_1$ and $s = x_2 - x_1$, we conclude that

$$0 < |r - sa| < \frac{1}{m} \qquad \text{and} \qquad 0 < s \le m$$

Lemma 10-2c. If $b$ is a positive integer that is not a square, there is an infinite number of pairs of integers $r$ and $s$ with $s > 0$ that satisfy the inequality $0 < |r^2 - s^2b| < 1 + 2\sqrt{b}$.

Lemma 10-1c shows that when $m$ is a positive integer, integers $r_1$ and $s_1$ exist such that

$$0 < |r_1 - s_1\sqrt{b}| < \frac{1}{m} \qquad 0 < s_1 \le m$$

Now choose a positive integer $m_1$ sufficiently large so that

$$\frac{1}{m_1} < |r_1 - s_1\sqrt{b}|$$

Then $r_2$ and $s_2$ can be determined so that

$$0 < |r_2 - s_2\sqrt{b}| < \frac{1}{m_1} \qquad 0 < s_2 \le m_1$$

Hence,

$$|r_2 - s_2\sqrt{b}| < |r_1 - s_1\sqrt{b}| < \frac{1}{m}$$

By continuing to choose $m_i$ sufficiently large, we obtain

$$\frac{1}{m_i} < |r_i - s_i\sqrt{b}|$$

for $i = 1, 2, 3, \ldots$. This means we can find integers $r_{i+1}$, $s_{i+1}$ that give

$$0 < |r_{i+1} - s_{i+1}\sqrt{b}| < \frac{1}{m_i} \qquad 0 < s_{i+1} \le m_i$$

Thus

$$|r_{i+1} - s_{i+1}\sqrt{b}| < |r_i - s_i\sqrt{b}|$$

and in this way we can set up an infinite number of pairs of integers $r_i$, $s_i$ satisfying the above condition.

But for any pair $r_i$, $s_i$,

$$0 < |r_i - s_i\sqrt{b}| < \frac{1}{m_{i-1}} \le \frac{1}{s_i}$$

Hence,

$$0 < |r_i + s_i\sqrt{b}| < \frac{1}{s_i} + 2s_i\sqrt{b}$$

and

$$0 < |r_i^2 - s_i^2 b| < \frac{1}{s_i^2} + 2\sqrt{b} \le 1 + 2\sqrt{b}$$

Therefore, there are infinitely many pairs of integral values of $r$ and $s$ with $s > 0$, such that $|r^2 - s^2b|$ lies between 0 and $1 + 2\sqrt{b}$.

Lemma 10-3c. If $b$ is a positive integer that is not a square, there exists an integer $k \neq 0$ such that the equation $x^2 - by^2 = k$ is satisfied by an infinite number of pairs of integers $x$ and $y$.

We have seen in Lemma 10-2c that an infinite number of pairs of integers $r$, $s$ give integral values for $|r^2 - s^2b|$ that lie between 0 and $1 + 2\sqrt{b}$. Since $b$ is not a square, $r^2 - s^2b \neq 0$, and thus the expression can have at most $2[1 + 2\sqrt{b}]$ values so determined. Consequently, at least one of these integral values, $k \neq 0$, is determined by an infinite number of the pairs of integers $r$, $s$, and these are the values of $x$, $y$ that satisfy $x^2 - by^2 = k$.

Theorem 10-9. If $b$ is a positive integer that is not a perfect square, the equation $x^2 - by^2 = 1$ has a solution distinct from $x = \pm 1$, $y = 0$.

Select $k \ne 0$ so that the equation $x^2 - by^2 = k$ is satisfied by an infinite number of pairs of values of $x$, $y$. Now separate the values of $x$, and in like manner of $y$, into the $|k|$ residue classes modulo $k$. There are, therefore, $k^2$ pairs of classes modulo $k$ into which the solutions $x$, $y$ can fit. Having excluded the finite number of solutions with either $x$ or $y$ zero, we recognize that the equation shows that for any solution in which either or both $x$ and $y$ are negative there is one in which both are positive. Hence, there is an infinite number of solutions having both $x$ and $y$ positive. Accordingly, if these positive solutions are distributed among the $k^2$ pairs of residue classes modulo $k$, at least one of these pairs of classes must contain at least two of these solutions. Consequently, two pairs $x_1$, $y_1$ and $x_2$, $y_2$ can be so selected that

$$x_1 \equiv x_2 \pmod{k} \qquad x_1 \ne x_2 \qquad x_1, x_2 > 0$$
$$y_1 \equiv y_2 \pmod{k} \qquad y_1 \ne y_2 \qquad y_1, y_2 > 0$$
$$x_1^2 - by_1^2 = k$$
$$x_2^2 - by_2^2 = k$$

Now consider the quotient

$$\frac{x_1 - y_1\sqrt{b}}{x_2 - y_2\sqrt{b}} = \frac{x_1x_2 - y_1y_2b + (x_1y_2 - x_2y_1)\sqrt{b}}{x_2^2 - y_2^2 b}$$

From the above congruences

$$x_1x_2 - y_1y_2b \equiv x_1^2 - by_1^2 \equiv 0 \pmod{k}$$

and

$$x_1y_2 - x_2y_1 \equiv x_1y_1 - x_1y_1 \equiv 0 \pmod{k}$$

Therefore, let

$$\frac{x_1x_2 - y_1y_2b}{k} = u \qquad\text{and}\qquad \frac{x_1y_2 - x_2y_1}{k} = v$$

and thus

$$x_1 - y_1\sqrt{b} = (u + v\sqrt{b})(x_2 - y_2\sqrt{b})$$

Likewise,

$$x_1 + y_1\sqrt{b} = (u - v\sqrt{b})(x_2 + y_2\sqrt{b})$$

Hence,

$$x_1^2 - by_1^2 = (u^2 - bv^2)(x_2^2 - by_2^2)$$

or

$$k = k(u^2 - v^2 b)$$

so that

$$u^2 - bv^2 = 1$$

and the integers $u$ and $v$ satisfy the equation $x^2 - by^2 = 1$.

If $v = 0$, then $u = \pm 1$ and then $x_1 - y_1\sqrt{b} = \pm(x_2 - y_2\sqrt{b})$. Thus $x_1 = \pm x_2$, $y_1 = \pm y_2$. But since $x_1$, $x_2$, $y_1$, $y_2$ are positive, $x_1 = x_2$ and $y_1 = y_2$, whereas we chose $x_1$, $y_1$ and $x_2$, $y_2$ as distinct solutions of $x^2 - by^2 = k$. We have, therefore, found a solution $x = u$, $y = v$ of the equation $x^2 - by^2 = 1$ that is distinct from the solutions $x = \pm 1$, $y = 0$.

Theorem 10-10. If $b$ is a positive integer that is not a square and if $x_1$, $y_1$ is the solution of $x^2 - by^2 = 1$ for which $x_1$ and $y_1$ are positive and $x_1 + y_1\sqrt{b}$ has the least positive value, then any solution $x$, $y$ of the equation is determined by the formula $x + y\sqrt{b} = \pm(x_1 + y_1\sqrt{b})^n$ for $n = 0, \pm 1, \pm 2, \ldots$.

Since $x^2 - by^2 = 1$ has a solution in which $y \ne 0$, there must be one, $x_1$, $y_1$, with $x_1$ and $y_1$ positive integers, for which $x_1 + y_1\sqrt{b}$ is a minimum. Then $x_1^2 - by_1^2 = 1$, and if $x_2^2 - by_2^2 = 1$, let

$$(x_1 - y_1\sqrt{b})(x_2 - y_2\sqrt{b}) = x_3 - y_3\sqrt{b}$$

and also

$$(x_1 + y_1\sqrt{b})(x_2 + y_2\sqrt{b}) = x_3 + y_3\sqrt{b}$$

Consequently, $x_3^2 - by_3^2 = 1$, and the pair of integers $x_3$, $y_3$ so determined is a solution of the given equation. It follows, by induction, that $(x_1 + y_1\sqrt{b})^n$ determines a solution of $x^2 - by^2 = 1$ for each positive integral $n$.

Moreover,

$$\frac{1}{(x_1 + y_1\sqrt{b})^n} = (x_1 - y_1\sqrt{b})^n$$

and if $x_1$, $y_1$ is a solution of the given equation, then $x_4$, $y_4$ determined by $x_4 - y_4\sqrt{b} = (x_1 - y_1\sqrt{b})^n$, for $n = 1, 2, \ldots$, is also a solution of $x^2 - by^2 = 1$.

Again, if $n = 0$, we find $(x_1 + y_1\sqrt{b})^n = (x_1 - y_1\sqrt{b})^n = 1$ and $x = \pm 1$, $y = 0$.

Furthermore, when $x$, $y$ is a solution, $x$, $-y$ and $-x$, $y$, as well as $-x$, $-y$, are solutions. Consequently, for $n = 0, \pm 1, \pm 2, \ldots$, all pairs of integers $x$, $y$ determined by $x + y\sqrt{b} = \pm(x_1 + y_1\sqrt{b})^n$ are solutions of $x^2 - by^2 = 1$.

But the pairs of integers $x$, $y$ determined by the formula constitute all the solutions of $x^2 - by^2 = 1$, for if $X$, $Y$ with both $X$ and $Y$ positive is any solution that cannot be developed by the formula, then $X + Y\sqrt{b}$ lies between two consecutive powers of the positive number $x_1 + y_1\sqrt{b}$; that is,

$$(x_1 + y_1\sqrt{b})^n < X + Y\sqrt{b} < (x_1 + y_1\sqrt{b})^{n+1}$$

By multiplying each member of this statement by $(x_1 - y_1\sqrt{b})^n$ and using the fact that $x_1^2 - y_1^2 b = 1$, we see that

$$1 < (X + Y\sqrt{b})(x_1 - y_1\sqrt{b})^n < x_1 + y_1\sqrt{b}$$

But if we let

$$(X + Y\sqrt{b})(x_1 - y_1\sqrt{b})^n = x' + y'\sqrt{b}$$

necessarily giving

$$(X - Y\sqrt{b})(x_1 + y_1\sqrt{b})^n = x' - y'\sqrt{b}$$

then $x'^2 - by'^2 = 1$ and

$$1 < x' + y'\sqrt{b} < x_1 + y_1\sqrt{b} \tag{4}$$

But $x' - y'\sqrt{b} = (x' + y'\sqrt{b})^{-1}$, and therefore

$$0 < x' - y'\sqrt{b} < 1 \tag{5}$$

Adding (4) and (5) shows that $x' > 0$, and subtracting (5) from (4) gives $0 < 2y'\sqrt{b}$, which implies that $y' > 0$. Under these circumstances, however, it is impossible that $x' + y'\sqrt{b}$ be less than $x_1 + y_1\sqrt{b}$, for $x_1 + y_1\sqrt{b}$ was chosen as the smallest of these numbers. Therefore, $X + Y\sqrt{b} = (x_1 + y_1\sqrt{b})^n$. Since to each solution, not $x = \pm 1$, $y = 0$, of $x^2 - by^2 = 1$ in which one or both the integers $x$ and $y$ are negative must correspond a solution in which both are positive, we conclude that all values of $x$ and $y$ that satisfy the equation can be obtained from the formula $x + y\sqrt{b} = \pm(x_1 + y_1\sqrt{b})^n$.
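
The following Python code is an added illustration of Theorem 10-10 and is not part of the original text. It finds the least positive solution by direct search, develops further solutions as powers of $x_1 + y_1\sqrt{b}$, compares them with an exhaustive search, and runs the descent used in the proof; the function names and the search bounds are choices made for this example.

```python
from math import isqrt


def fundamental_solution(b):
    """Least positive (x1, y1) with x1^2 - b*y1^2 = 1, by trying y = 1, 2, 3, ..."""
    if b <= 0 or isqrt(b) ** 2 == b:
        raise ValueError("b must be a positive integer that is not a square")
    y = 1
    while True:
        x = isqrt(b * y * y + 1)
        if x * x == b * y * y + 1:
            return x, y          # x grows with y, so this minimises x + y*sqrt(b)
        y += 1


def multiply(p, q, b):
    """Product (x + y*sqrt(b)) * (u + v*sqrt(b)), kept as an exact integer pair."""
    (x, y), (u, v) = p, q
    return x * u + b * y * v, x * v + y * u


def solutions_from_powers(b, count):
    """The pairs given by (x1 + y1*sqrt(b))^n for n = 1, ..., count."""
    base = fundamental_solution(b)
    current, out = (1, 0), []
    for _ in range(count):
        current = multiply(current, base, b)
        out.append(current)
    return out


def solutions_by_search(b, y_max):
    """Every positive solution with y <= y_max, found without using the formula."""
    out = []
    for y in range(1, y_max + 1):
        x = isqrt(b * y * y + 1)
        if x * x == b * y * y + 1:
            out.append((x, y))
    return out


def exponent_of(X, Y, b):
    """Descent from the proof: multiply by (x1 - y1*sqrt(b)) until 1 is reached."""
    if X <= 0 or Y < 0 or X * X - b * Y * Y != 1:
        raise ValueError("(X, Y) must be a solution with X > 0 and Y >= 0")
    x1, y1 = fundamental_solution(b)
    n = 0
    while (X, Y) != (1, 0):
        X, Y = multiply((X, Y), (x1, -y1), b)
        n += 1
    return n


def formula_gives_all(b, y_max):
    """True if exhaustive search up to y_max finds exactly the first powers."""
    found = solutions_by_search(b, y_max)
    powers = solutions_from_powers(b, len(found) + 1)
    return found == powers[:len(found)] and powers[-1][1] > y_max


if __name__ == "__main__":
    for b in (2, 3, 7):
        print(b, solutions_from_powers(b, 4), formula_gives_all(b, 2000))
```
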

EXERCISES 

1. Show that all solutions of $x^2 - 2y^2 = 1$ can be developed from $x = 3$, $y = 2$.

2. Can you discover a method for developing solutions of both $x^2 - 2y^2 = 1$ and $x^2 - 2y^2 = -1$ from $x = 1$, $y = 1$?

3. Show that the formula for developing all solutions of $x^2 - 3y^2 = 1$ is $x + y\sqrt{3} = \pm(2 + \sqrt{3})^n$.


CHAPTER  11 
POLYNOMIALS 


11-1. Integral Domains and Fields. Let us recall that the set of rational integers has certain salient properties with respect to the operation of addition which can be summarized in the following manner:

1.  The  sum  of  two  elements  in  a  certain  order  is  a  unique  element  of 
the  set. 

2.  Addition  is  commutative. 

3.  Addition  is  associative. 

4.  Each  element  has  an  inverse  with  respect  to  addition. 

It  follows  then  that  there  is  an  element  0  such  that  a  +  0  =  a  for  any  a. 
There  is  a  second  law  of  combination  for  the  set  of  rational  integers 
which  we  called  multiplication,  and  it  has  the  following  properties. 

1.  Multiplication  is  unique,  and  the  product  is  in  the  set. 

2.  Multiplication  is  commutative. 

3.  Multiplication  is  associative. 

4.  Multiplication  is  distributive  with  respect  to  addition. 

5. There is an element 1, called the unity element, or unity, such that $a \cdot 1 = a$ for any $a$.

6. The elements obey the cancellation law, so that if $ab = ac$ and $a \ne 0$, then $b = c$.

Any  set  of  elements  that  fulfills  these  10  conditions  is  said  to  be  an 
integral  domain. 

When the set has at least two elements and in addition to the above properties each element of the set except zero has an inverse with respect to multiplication, the set is called a field. Thus, in a field, $ax = 1$ with $a \ne 0$ can be solved for $x$, and the value is unique. Hence, division by $a \ne 0$ is possible, for if $ax_0 = 1$, then $a(bx_0) = b$ and $a$ divides $b$. The rational integers fail to form a field, for division of an integer $b$ by $a \ne 0$ is not always possible, but the set of the rational numbers (ratios $a/b$ of two rational integers with $b \ne 0$) is a field. The real numbers as well as the complex numbers also form fields.

Now consider the set of all polynomials $f(x) = a_0x^n + a_1x^{n-1} + \cdots + a_n$, where the coefficients $a_i$, with $i = 0, 1, \ldots, n$, are selected from a field. This set includes the field of the coefficients itself, and consequently it contains the numbers 0 and 1, which are called the identity elements with respect to addition and multiplication, respectively. Constants not 0 are polynomials of degree zero, whereas 0 is said to have no degree. The laws of elementary algebra show very easily that this set of polynomials $f(x)$ has the first nine characteristics enumerated above, but we must clear up another idea before showing that the cancellation law also holds.

Two polynomials in $x$ are said to be identically equal if and only if they have equal values for all values of the variable $x$. But a polynomial in $x$ of the $n$th degree with $n > 0$ is not reduced to zero by more than $n$ values of $x$, and therefore $f(x)$ vanishes identically if and only if all of its coefficients are zero. If, then, the product of two polynomials with coefficients in a field $F$ is identically zero, at least one factor must vanish identically, for otherwise the product would be a polynomial of at least degree zero and could not vanish identically. In short, there are no divisors of zero in the domain of these polynomials, and that is equivalent to saying that the cancellation law is observed. The polynomials with coefficients in a field $F$, therefore, form an integral domain.

After recalling the early definitions and theorems that pertain to the elements of the integral domain of the rational integers, it is easy to set up the following analogous definitions and theorems concerning the elements of the domain of the polynomials $f(x)$ with coefficients in a field $F$:

If two polynomials $f(x)$ and $g(x)$ have coefficients in a field $F$, $f(x)$ is said to divide $g(x)$ if there is a polynomial $q(x)$ with coefficients in $F$ such that $g(x) = f(x)q(x)$ identically. Then $f(x)$ is a factor of $g(x)$ and $q(x)$ is the quotient of $g(x)$ by $f(x)$. Furthermore, if $g(x) \ne 0$, the degree of $f(x)$ is at most that of $g(x)$.

A  polynomial  that  divides  only  itself  is  a  null  polynomial. 

A  polynomial  that  divides  every  polynomial  with  coefficients  in  F  is  a 
unit  polynomial,  or  a  unit. 

Theorem 11-1. If $g(x) = f(x)q(x)$, where $f(x) \ne 0$ and the polynomials have coefficients in a field $F$, the quotient $q(x)$ is unique.

If

$$g(x) = f(x)q_1(x) = f(x)q_2(x)$$

then

$$f(x)[q_1(x) - q_2(x)] \equiv 0$$

Hence,

$$q_1(x) - q_2(x) = 0 \qquad\text{and}\qquad q_1(x) = q_2(x)$$

Theorem 11-2. Zero is the null polynomial of the set of polynomials $f(x)$ with coefficients in $F$.

The equation $0 \cdot f(x) = 0$ shows that the quotient of zero by zero exists but is indeterminate. It also shows that zero divides only itself. Furthermore, every polynomial $f(x)$ divides zero, so that there can be but one null polynomial.

Theorem 11-3. All the elements except zero of a field $F$ are unit polynomials of the set of polynomials with coefficients in $F$.

It  is  evident  that  a  constant  not  zero  of  F  divides  every  polynomial 
whose  coefficients  are  in  this  field.  But  a  polynomial  of  degree  n  >  0 
cannot  divide  any  constant  except  zero. 

A  polynomial  with  coefficients  in  a  field  F  whose  leading  coefficient  is 
unity  is  a  monic  polynomial. 

The associates of a polynomial with coefficients in a field $F$ are the products of that polynomial by the unit polynomials of the set of polynomials.

A polynomial with coefficients in $F$ that is not a unit and that is divisible only by its associates and the units is a prime polynomial.

A  polynomial  with  coefficients  in  F  that  is  not  zero,  a  unit,  or  a  prime 
polynomial  is  a  composite  polynomial. 

A  common  divisor  of  two  or  more  polynomials  with  coefficients  in  F  is  a 
polynomial  of  the  set  that  divides  each  of  the  given  polynomials. 

A greatest common divisor of two or more polynomials, not all zero, with coefficients in $F$ is a common divisor that is divisible by every common divisor of the given polynomials. When the coefficients of the given polynomials are in a field $F$, the monic polynomial that is an associate of a greatest common divisor is called the greatest common divisor of the set.

If the greatest common divisor of two or more polynomials with coefficients in a field $F$ is 1, the polynomials are relatively prime.

Theorem 11-4. If $f(x) \ne 0$ and $g(x)$ are polynomials with coefficients in a field $F$, there exists a unique pair of polynomials $q(x)$ and $r(x)$ with coefficients in $F$ that satisfy the identity $g(x) = f(x)q(x) + r(x)$ with either $r(x) = 0$ or of lower degree than $f(x)$.

If $g(x) = a_0x^n + a_1x^{n-1} + \cdots + a_n$ is of lower degree than $f(x) = b_0x^m + b_1x^{m-1} + \cdots + b_m$, take $q(x) = 0$ and $r(x) = g(x)$ and the theorem is satisfied. Do likewise if $g(x) = 0$.

If $g(x)$ is not of lower degree than $f(x)$, take $q_1(x) = kx^{n-m}$, where $a_0 = kb_0$. Then $r_1(x) = g(x) - kx^{n-m}f(x)$ is lower in degree than $g(x)$ and

$$g(x) = f(x)q_1(x) + r_1(x)$$

If $r_1(x) = 0$ or if its degree is lower than that of $f(x)$, the existence of the pair of polynomials has been demonstrated, but if neither is the case, repeat the operation, using $f(x)$ and $r_1(x)$. Thus we obtain

$$r_1(x) = f(x)q_2(x) + r_2(x)$$

and

$$g(x) = f(x)[q_1(x) + q_2(x)] + r_2(x)$$

Again, if $r_2(x) = 0$ or if its degree is lower than that of $f(x)$, the required polynomials are $q_1(x) + q_2(x)$ and $r_2(x)$, but if not, the process is repeated until after a finite number of steps we obtain

$$r_{s-1}(x) = f(x)q_s(x) + r_s(x)$$

Hence,

$$g(x) = f(x)[q_1(x) + q_2(x) + \cdots + q_s(x)] + r_s(x)$$

and either $r_s(x) = 0$, or it is lower in degree than $f(x)$.

Now suppose that there are two pairs of polynomials that satisfy the stated conditions. Then

$$g(x) = f(x)q(x) + r(x) = f(x)Q(x) + R(x)$$

and

$$f(x)[q(x) - Q(x)] + r(x) - R(x) \equiv 0$$

Consequently, $q(x) = Q(x)$, or the degree of the above expression would be at least that of $f(x)$. Accordingly, $r(x) = R(x)$.

Theorem 11-5. The greatest common divisor $D(x)$ of two polynomials $f(x)$ and $g(x)$, not both zero, with coefficients in a field $F$ exists and can be expressed in the form $D(x) = F(x)f(x) + G(x)g(x)$, where the polynomials $F(x)$ and $G(x)$ have coefficients in $F$.

Using Theorem 11-4 we apply the analogue of the Euclidean algorithm to the polynomials $f(x)$ and $g(x)$ of degrees $m$ and $n$, respectively, with $0 < m < n$. Then

$$g(x) = f(x)Q_1(x) + R_1(x) \qquad R_1(x) \text{ is of degree } m_1 < m$$
$$f(x) = R_1(x)Q_2(x) + R_2(x) \qquad R_2(x) \text{ is of degree } m_2 < m_1$$
$$R_1(x) = R_2(x)Q_3(x) + R_3(x) \qquad R_3(x) \text{ is of degree } m_3 < m_2$$
$$R_{t-1}(x) = R_t(x)Q_{t+1}(x) + R_{t+1}$$

We must finally arrive at a step in which $R_{t+1}$ is a constant, for the polynomials $R_i(x)$, where $i = 1, 2, \ldots, t + 1$, decrease in degree. Then by making use of an argument that parallels that in the proof of the Euclidean algorithm, we see that $f(x)$ and $g(x)$ have a greatest common divisor $R_t(x)$ different from a constant if and only if $R_{t+1} = 0$. It is also evident that a necessary and sufficient condition that $f(x)$ and $g(x)$ be relatively prime is that $R_{t+1}$ be a constant different from zero.

If $R_1(x) \ne 0$, solve for each $R_i(x)$ that is not zero, and substitute the expression in the succeeding equation of the algorithm. Thus when $R_{t+1} = 0$, we find that

$$R_1(x) = g(x) - f(x)Q_1(x)$$
$$R_2(x) = [1 + Q_1(x)Q_2(x)]f(x) - Q_2(x)g(x)$$
$$R_3(x) = [1 + Q_2(x)Q_3(x)]g(x) - [Q_1(x)Q_2(x)Q_3(x) + Q_1(x) + Q_3(x)]f(x)$$
$$R_t(x) = F_1(x)f(x) + G_1(x)g(x)$$

Hence if $f(x)$ and $g(x)$ are not relatively prime and if $R_t(x)$ is not a monic polynomial, by dividing through by its leading coefficient, we have

$$D(x) = F(x)f(x) + G(x)g(x)$$

However, if $f(x)$ and $g(x)$ are relatively prime, we find

$$R_{t+1} = F_2(x)f(x) + G_2(x)g(x)$$

and dividing by $R_{t+1}$, we obtain

$$1 = F(x)f(x) + G(x)g(x)$$

In the last case the term of highest degree of $F(x)$ comes from the product $Q_1(x)Q_2(x) \cdots Q_{t+1}(x)$. The degree of $Q_1(x)$ is $n - m$, of $Q_2(x)$ is $m - m_1$, and the degree of each $Q_j(x)$, where $j = 3, 4, \ldots, t + 1$, is $m_{j-2} - m_{j-1}$. Therefore, when $m > 1$, the degree of their product is less than $n$, the degree of $g(x)$, for $n - m + (m - m_1) + (m_1 - m_2) + \cdots + (m_{t-1} - m_t) = n - m_t$. In like manner, when $m > 1$, the degree of $G(x)$ is determined by the degree of $Q_2(x)Q_3(x) \cdots Q_{t+1}(x)$ and is less than $m$, the degree of $f(x)$.

In the special case where $R_1(x) = 0$, $f(x)$ is a greatest common divisor, and then $f(x) = f(x) + 0 \cdot g(x)$, and the theorem holds.

Notice that although the method is applicable when the polynomial $f(x)$ is a constant not zero, the statement about the degrees of $F(x)$ and $G(x)$ does not hold. For example, if $g(x) = 4x + 3$ and $f(x) = 2$, we write $1 = 2 \cdot \frac{1}{2} + 0 \cdot (4x + 3)$. If $f(x) = 0$, the result is obvious.

The  following  theorem  is  now  evident: 

Theorem 11-6. The polynomials $f(x)$ and $g(x)$ with coefficients in a field $F$ are relatively prime if and only if there exist polynomials $F(x)$ and $G(x)$ with coefficients in $F$ such that $F(x)f(x) + G(x)g(x) = 1$.

Theorem  11-7.  The  greatest  common  divisor  of  the  polynomials  f(x) 
and  g(x)  with  coefficients  in  a  field  F  is  unique. 

If $D_1(x)$ and $D_2(x)$ are two greatest common divisors of $f(x)$ and $g(x)$, then $D_1(x) \mid D_2(x)$ and the degree $d_1$ of $D_1(x)$ is less than or equal to the degree $d_2$ of $D_2(x)$. Also $D_2(x) \mid D_1(x)$, so that $d_2 \le d_1$. Hence, $d_1 = d_2$. As a result $D_1(x)$ and $D_2(x)$ can differ only by a constant factor; that is, $D_1(x) = cD_2(x)$. But each one is a monic polynomial. Therefore, $c = 1$, and $D_1(x) = D_2(x)$.

Theorem 11-8. If $f_1(x)$ and $f_2(x)$ are relatively prime polynomials with coefficients in a field $F$ and if $f_1(x)$ divides the product $f_2(x)f_3(x)$, then $f_1(x)$ divides $f_3(x)$.

Since $(f_1(x), f_2(x)) = 1$,

$$f_1(x)F_1(x) + f_2(x)F_2(x) = 1$$

Then

$$f_1(x)f_3(x)F_1(x) + f_2(x)f_3(x)F_2(x) = f_3(x)$$

Applying the distributive law, it is evident that $f_1(x)$ divides $f_3(x)$.

Theorem 11-9. If $f(x)$ and $g(x)$ are relatively prime polynomials of at least the first degree with coefficients in a field $F$, there exists one and only one pair of polynomials $F(x)$ and $G(x)$ with coefficients in $F$ satisfying the condition $F(x)f(x) + G(x)g(x) = 1$ and such that the degree of $F(x)$ is less than that of $g(x)$ and the degree of $G(x)$ is less than that of $f(x)$.

That the required polynomials $F(x)$ and $G(x)$ exist has been proved in Theorem 11-5, but if there is a second pair $F_1(x)$ and $G_1(x)$ of such polynomials, then

$$F(x)f(x) + G(x)g(x) = F_1(x)f(x) + G_1(x)g(x)$$

Hence,

$$f(x)[F(x) - F_1(x)] = g(x)[G_1(x) - G(x)]$$

But since $f(x)$ and $g(x)$ are relatively prime, $g(x)$ divides $F(x) - F_1(x)$. Unless $F(x) = F_1(x)$, this division would be impossible, for the degree of $F(x) - F_1(x)$ is less than that of $g(x)$. It is then obvious that $G(x) =$

It is important to observe the conditions set by the last theorem. We admit that when the given polynomials are the constants $a$ and $b$, there are infinitely many solutions of $ax + by = 1$. But it is to be noticed that Theorem 11-9 requires $f(x)$ and $g(x)$ to be of at least the first degree and places a restriction on the degree of both $F(x)$ and $G(x)$. If the second condition is removed, we can find many pairs of polynomials $F(x)$ and $G(x)$ that will satisfy the equation $F(x)f(x) + G(x)g(x) = 1$, for if $F(x)$ and $G(x)$ do, then all pairs of the form $F(x) + k(x)g(x)$ and $G(x) - k(x)f(x)$ will also. Are there any others? When one of the given polynomials is a constant, the results should now be obvious.

On the other hand when the greatest common divisor of the given polynomials is not 1, even so simple a case as expressing the greatest common divisor of $x^2 - 4x + 3$ and $2x - 6$ shows the lack of unicity in the pair of polynomials $F(x)$ and $G(x)$ having the restriction on degree stated in Theorem 11-9, for

$$(x^2 - 4x + 3)(+1) + (2x - 6)\left(-\frac{x}{2} + 1\right) = x - 3$$

and

$$(x^2 - 4x + 3)(-1) + (2x - 6)\left(\frac{x}{2}\right) = x - 3$$

When the field $F$ containing the coefficients of $f(x)$ is the set of complex numbers, on the basis of the fundamental theorem of algebra, we know that, except for the order of the factors, $f(x)$ can be factored into linear factors, each with leading coefficient unity and absolute term in $F$, and a constant factor, in exactly one way. Hence, the identity

$$f(x) = a_0x^n + a_1x^{n-1} + \cdots + a_n = a_0(x - r_1)(x - r_2) \cdots (x - r_n)$$

where the $r_i$, with $i = 1, 2, \ldots, n$, are in $F$, expresses this unique factorization of $f(x)$. The reader realizes, however, that such a factorization of $f(x)$ does not exist in all fields. In the field of the real numbers $x^2 + 1$ cannot be so factored, but in the field of the complex numbers $x^2 + 1 = (x - i)(x + i)$. Although $x^2 - 2 = (x - \sqrt{2})(x + \sqrt{2})$ in the field of the real numbers, it cannot be factored into linear factors in the field of the rational numbers.

If a polynomial $f(x)$ of degree $n$ with coefficients in a domain $F$ cannot be factored into two polynomials of at least the first degree with coefficients in $F$, then $f(x)$ is said to be irreducible in $F$. Otherwise $f(x)$ is
reducible  in  F.  Thus  xs  —  5  is  irreducible  in  the  integral  domain  of  the 
rational  integers  and  also  in  the  field  of  the  rational  numbers,  but  it  is 
reducible  in  the  field  of  the  real  numbers. 

The field of the rational numbers is the smallest infinite field that contains the rational integers, and so we shall consider a few important characteristics of polynomials with coefficients in this field. We are especially concerned with being able to classify the coefficients of the factors of an integral polynomial.

A  primitive  polynomial  is  an  integral  polynomial  whose  coefficients  are 
relatively  prime. 

The  primary  associate  of  an  integral  polynomial  is  that  associate  of  the 
polynomial  whose  coefficients  are  relatively  prime  integers  and  whose 
leading  coefficient  is  positive. 

Theorem 11-10. If $f_1(x)$ and $f_2(x)$ are integral polynomials, a necessary and sufficient condition that their product be a primitive polynomial is that both $f_1(x)$ and $f_2(x)$ be primitive polynomials.

Suppose that

$$f_1(x) = a_0x^n + a_1x^{n-1} + \cdots + a_n$$

and

$$f_2(x) = b_0x^m + b_1x^{m-1} + \cdots + b_m$$

with $n > m$, have integral coefficients that are relatively prime. Their product necessarily has integral coefficients, but suppose that a prime $p$ divides each of these coefficients. Then there is a first $a_i$, say $a_r$, and a first $b_j$, say $b_s$, that is not divisible by $p$. Now consider the coefficient of

$$a_{r+s}b_0 + \cdots + a_{r+1}b_{s-1} + a_rb_s + a_{r-1}b_{s+1} + \cdots + a_{r+s-m}b_m$$

Each term except $a_rb_s$ of this expression is divisible by $p$, and thus it is impossible that all the coefficients of the product be divisible by $p$. Hence, the product is a primitive polynomial.

On the other hand, if $f_1(x) = pg(x)$, where $g(x)$ is an integral polynomial and $p$ is a prime, then $f_1(x)f_2(x) = p[g(x)f_2(x)]$ and the product is not primitive.

Theorem 11-11. If $f(x)$ is a polynomial with integral coefficients and leading coefficient unity, $f(x)$ is factorable into the product of two monic polynomials in the field of the rational numbers if and only if it is factorable in the domain of the rational integers.

Let $f(x) = f_1(x)f_2(x)$, where $f_1(x)$ and $f_2(x)$ are monic polynomials with rational coefficients, and suppose that not all the coefficients of the factors are integers. Reduce all fractional coefficients to their lowest terms, and let $d_1$ and $d_2$ be the least common multiples of the denominators of the coefficients of $f_1(x)$ and $f_2(x)$, respectively. Then the coefficients of both $g(x) = d_1f_1(x)$ and $h(x) = d_2f_2(x)$ are relatively prime integers. Consequently, the product $g(x)h(x) = d_1d_2f_1(x)f_2(x)$ is a primitive polynomial. But then $f(x) = f_1(x)f_2(x) = g(x)h(x)/d_1d_2$ cannot have integral coefficients unless $d_1d_2 = 1$. In short, the coefficients of both $f_1(x)$ and $f_2(x)$ are integers.

If $f(x)$ is factorable in the domain of the integers, it is, of course, factorable rationally and so the converse is obvious.

Theorem 11-12. If a polynomial $f(x)$ with coefficients in the field $R$ of the rational numbers is irreducible in $R$, and if $f(x)$ divides the product of the polynomials $g(x)$ and $h(x)$ with coefficients in $R$, then $f(x)$ divides at least one of $g(x)$ and $h(x)$.

Because $f(x)$ is irreducible in $R$, the greatest common divisor of $f(x)$ and $g(x)$ either is the monic polynomial that is an associate of $f(x)$, or is 1. In the first case $f(x) \mid g(x)$. In the second, we have shown that $f(x) \mid h(x)$.

Theorem  11-13.  Any  polynomial  of  at  least  the  first  degree  with 
rational  coefficients  can  be  resolved  into  a  product  of  a  rational  constant 
and  one  or  more  monic  irreducible  polynomials  of  at  least  the  first  degree 
with  coefficients  that  are  rational.  Except  for  the  order  of  the  factors 
this  factorization  is  unique. 

If  f(x)  is  either  of  the  first  degree  or  of  higher  degree  and  irreducible 
in  the  field  R  of  the  rational  numbers,  then  f(x)  =  cg(x),  where  g(x)  is  a 
monic  polynomial,  and  c  is  a  rational  number. 

If $f(x)$ is reducible in $R$, let $f(x) = f_1(x)f_2(x)$. Each of the new polynomials is of lower degree than $f(x)$. Either $f_1(x)$ is irreducible in $R$, or it has a factor $f_3(x)$ which is lower in degree than $f_1(x)$ and is in turn a factor of $f(x)$. Continuing in this manner, we observe that the degree of each factor is lower than that of its predecessor and so the process must end; that is, there must be an irreducible factor, say $p(x)$, of $f(x)$. Then $f(x) = p(x)q(x)$. We now operate on $q(x)$ in the same way and after a finite number of steps determine that

$$f(x) = cp_1(x)p_2(x) \cdots p_r(x)$$

where $c$ is a constant and the $p_j(x)$ are monic irreducible polynomials. Suppose that there are two such factorizations of $f(x)$. Then

$$cp_1(x)p_2(x) \cdots p_r(x) = kq_1(x)q_2(x) \cdots q_s(x)$$

Clearly, $c = k$, for the other factors are monic polynomials. Moreover, $p_1(x)$ divides the product of the $q_i(x)$, where $i = 1, 2, \ldots, s$. Hence, $p_1(x)$ divides one of the $q_i(x)$, say $q_1(x)$. But $q_1(x)$ is irreducible in $R$. Thus $q_1(x) = tp_1(x)$, and since each is monic, $q_1(x) = p_1(x)$. Canceling the identical factors and repeating the argument, supposing that $s > r$, we have

$$1 = q_{r+1}(x) \cdots q_s(x)$$

Consequently, each of these factors is 1, and the original factorization is unique.

Theorem 11-14. If $f_1(x)$ and $f_2(x)$ are integral polynomials, not both zero, we can choose a greatest common divisor of them so that it is an integral polynomial.

Since the coefficients of $f_1(x)$ and $f_2(x)$ are rational, their greatest common divisor $D(x)$ exists and can be written

$$D(x) = f_1(x)F_1(x) + f_2(x)F_2(x)$$

Let $d$, $g$, and $h$ be the least common multiples of the denominators of the coefficients of $D(x)$, $F_1(x)$, and $F_2(x)$, respectively. Let $D(x) = d(x)/d$, $F_1(x) = g(x)/g$, and $F_2(x) = h(x)/h$. Then

$$\frac{d(x)}{d} = f_1(x)\frac{g(x)}{g} + f_2(x)\frac{h(x)}{h}$$

Multiply both members of this equation by the least common multiple of $d$, $g$, and $h$. Thus

$$k_1d(x) = f_1(x)[k_2g(x)] + f_2(x)[k_3h(x)]$$

where $k_1d(x)$ is an associate of the monic polynomial $D(x)$ and has integral coefficients.

Very often we use the primary associate of $k_1d(x)$ in place of the greatest common divisor of $f_1(x)$ and $f_2(x)$ even though we may not be able to write it in the above form with $k_2g(x)$ and $k_3h(x)$ integral polynomials.

Example. The greatest common divisor $x - \frac{2}{3}$ of $3x^3 - 2x^2 - 3x + 2$ and $3x^2 - 8x + 4$ can be expressed in the form

$$x - \tfrac{2}{3} = \tfrac{1}{9}(3x^3 - 2x^2 - 3x + 2) - \tfrac{1}{9}(x + 2)(3x^2 - 8x + 4)$$

Its associate $9x - 6$ can be written

$$9x - 6 = (3x^3 - 2x^2 - 3x + 2) - (3x^2 - 8x + 4)(x + 2)$$

Instead of $9x - 6$, however, we may prefer to use its primary associate $3x - 2$.

EXERCISES 

1. Can the primary associate of the greatest common divisor of
$2x^2 - x - 3$ and $2x^2 - 5x + 3$ be expressed in the form developed in
Theorem 11-14 that uses integral polynomials?

2. Find the greatest common divisor of $6x^3 + 13x^2 + 4x - 3$ and
$2x^3 + 9x^2 + 13x + 6$, and express it in terms of the given polynomials.
Write its primary associate.

3. Do the rational integers modulo $p$, a prime, form a field?

4. A number $r$ is said to be an algebraic integer if it satisfies a rational
integral equation $x^n + a_1 x^{n-1} + \cdots + a_n = 0$, where the
coefficients $a_i$, for $i = 1, 2, \ldots, n$, are rational integers. If $a$
is a rational integer, apply this definition to the roots of the equation
$x^m = a$ and consider the problem of factoring $a$.

11-2. Polynomials with Respect to a Prime Modulus. When the modulus is a
prime $p$, we pointed out in Chap. 5 that the division of $f_1(x)$ by
$f_2(x) \not\equiv 0 \pmod p$, where these are integral polynomials, exists.
To carry out the division, we may use the method of choosing $k$ so that the
leading coefficient of $k f_2(x)$ is congruent to 1 modulo $p$, and then
dividing $f_1(x)$ by $k f_2(x)$ according to the process of ordinary long
division, so that

$$f_1(x) = k f_2(x) g(x) + r(x)$$

where $r(x)$ is 0 or an integral polynomial lower in degree than $f_2(x)$.
Hence,

$$f_1(x) \equiv f_2(x)[k g(x)] + r(x) \pmod p$$

and $k g(x)$ is the quotient while $r(x)$ is the remainder in the division
modulo $p$ of $f_1(x)$ by $f_2(x)$. This division has already been shown to
be unique.

Definitions analogous to those in the first paragraph of this chapter show
that the set of integral polynomials modulo $p$, a prime, forms an integral
domain. The unit polynomials, or units, modulo $p$ are the rational integers
that are prime to $p$, for when $(a, p) = 1$, the congruence
$ax \equiv b \pmod p$ has a solution and we can infer that $a$ divides any
integral polynomial modulo $p$. There can be no other units modulo $p$, for 1
is not divisible modulo $p$ by a multiple of $p$ or by any polynomial of the
first degree or higher. Since $r$ is identically congruent to $r + kp$ modulo
$p$, the integers $1, 2, \ldots, p - 1$ represent all the units modulo $p$.
Moreover, any integer congruent to 0 modulo $p$ represents the null element.
In like manner, the rational integers congruent to 1 modulo $p$ denote the
unity element of the set of integral polynomials modulo $p$. The definition
of an identical congruence stated in Chap. 5 is the basis for the statement
that if $f(x)g(x) \equiv 0 \pmod p$ identically, at least one of the
polynomials $f(x)$ and $g(x)$ is identically congruent to 0 modulo $p$. There
are, therefore, no divisors of 0 modulo $p$ in this set of polynomials.

A monic or primary polynomial modulo p, a prime, is an integral polynomial
whose leading coefficient is congruent to 1 modulo p.

The  primary  polynomial  modulo  p  in  a  set  of  associates  of  f(x)  modulo 
p  is  called  the  primary  associate  of  f(x)  modulo  p. 

A  prime  polynomial  modulo  p  is  an  integral  polynomial  that  is  not  a  unit 
modulo  p  and  which  is  divisible  modulo  p  by  only  its  associates  and  the 
units  modulo  p. 

An  integral  polynomial  that  is  not  congruent  modulo  p  to  zero,  a  unit, 
or  a  prime  polynomial  modulo  p  is  a  composite  polynomial  modulo  p. 

Example. The integers 1, 2, 3, and 4 represent the unit polynomials modulo 5.
The primary polynomials modulo 5 of the first and second degree can be
reduced modulo 5 to one of the following polynomials:

$$\begin{array}{llllll}
x     & x^2     & x^2 + x     & x^2 + 2x     & x^2 + 3x     & x^2 + 4x \\
x + 1 & x^2 + 1 & x^2 + x + 1 & x^2 + 2x + 1 & x^2 + 3x + 1 & x^2 + 4x + 1 \\
x + 2 & x^2 + 2 & x^2 + x + 2 & x^2 + 2x + 2 & x^2 + 3x + 2 & x^2 + 4x + 2 \\
x + 3 & x^2 + 3 & x^2 + x + 3 & x^2 + 2x + 3 & x^2 + 3x + 3 & x^2 + 4x + 3 \\
x + 4 & x^2 + 4 & x^2 + x + 4 & x^2 + 2x + 4 & x^2 + 3x + 4 & x^2 + 4x + 4
\end{array}$$

Of these the following are prime polynomials modulo 5:

$$\begin{array}{lllll}
x     & x + 3   & x^2 + 3     &              x^2 + 2x + 3 & x^2 + 4x + 1 \\
x + 1 & x + 4   & x^2 + x + 1 & x^2 + 2x + 4 & \\
x + 2 & x^2 + 2 & x^2 + x + 2 & x^2 + 3x + 4 &
\end{array}$$

The associates of this set of primary prime polynomials modulo 5 represent
the incongruent prime polynomials modulo 5 of the first and second degree.

A greatest common divisor modulo p, a prime, of a set of integral
polynomials, not all congruent to zero modulo p, is a common divisor of the
set that is divisible modulo p by every common divisor of the set. We refer
to the primary associate of a greatest common divisor modulo p as the
greatest common divisor modulo p.

Theorem 11-15. If $f_1(x)$ and $f_2(x)$ are integral polynomials, not both
identically congruent to zero modulo $p$, a prime, then $D(x)$, the greatest
common divisor modulo $p$ of $f_1(x)$ and $f_2(x)$, exists and there are
integral polynomials $g_1(x)$ and $g_2(x)$ such that
$D(x) \equiv f_1(x)g_1(x) + f_2(x)g_2(x) \pmod p$.

If there is any difference in degree, assume that the degree of $f_1(x)$ is
higher than that of $f_2(x)$, for the theorem is evident unless both
polynomials are nonconstants. Then

$$f_1(x) \equiv f_2(x)q_1(x) + r_1(x) \pmod p$$

and either $r_1(x) \equiv 0 \pmod p$ or $r_1(x)$ is of lower degree than
$f_2(x)$. Repeat this process by dividing the remainder into the previous
divisor whenever $r_i(x) \not\equiv 0 \pmod p$, where $i = 1, 2, \ldots, k$.
After a finite number of steps we shall arrive at a remainder which is
congruent to 0 modulo $p$, for the degree of the remainder continually
decreases. Thus

$$\begin{aligned}
f_2(x) &\equiv r_1(x)q_2(x) + r_2(x) \pmod p \\
r_1(x) &\equiv r_2(x)q_3(x) + r_3(x) \pmod p \\
&\;\;\vdots \\
r_{k-2}(x) &\equiv r_{k-1}(x)q_k(x) + r_k(x) \pmod p \\
r_{k-1}(x) &\equiv r_k(x)q_{k+1}(x) \pmod p
\end{aligned}$$

Then every common divisor modulo $p$ of $f_1(x)$ and $f_2(x)$ divides
$r_k(x)$, and $r_k(x)$ is a common divisor modulo $p$ of these polynomials.
Therefore, $r_k(x)$ is a greatest common divisor modulo $p$ of $f_1(x)$ and
$f_2(x)$. By solving successively for the $r_i(x)$ in terms of $f_1(x)$ and
$f_2(x)$, we find

$$r_k(x) \equiv f_1(x)h_1(x) + f_2(x)h_2(x) \pmod p$$

If the leading coefficient $c$ of $r_k(x)$ is not congruent to 1 modulo $p$,
we determine $d$ so that $cd \equiv 1 \pmod p$ and multiply each member of
the congruence by $d$, thereby obtaining

$$D(x) \equiv f_1(x)g_1(x) + f_2(x)g_2(x) \pmod p$$

Consider the problem of determining when the degree of $g_2(x)$ will be less
than the degree of $f_1(x)$ and that of $g_1(x)$ will be less than the degree
of $f_2(x)$.

It  will  now  be  easy  for  the  reader  to  prove  the  following  theorems: 

Theorem 11-16. If the integral polynomials $f_1(x)$ and $f_2(x)$ are
relatively prime modulo $p$, a prime, and if $f_1(x)$ divides $f_2(x)f_3(x)$
modulo $p$, then $f_1(x)$ divides $f_3(x)$ modulo $p$.

Theorem 11-17. If $p$ is a prime, the integral polynomials $f_1(x)$ and
$f_2(x)$ are relatively prime modulo $p$ if and only if there exist integral
polynomials $g_1(x)$ and $g_2(x)$ such that
$f_1(x)g_1(x) + f_2(x)g_2(x) \equiv 1 \pmod p$.

Consider the problem of the unicity of $g_1(x)$ and $g_2(x)$.

Theorem  11-18.  A  composite  integral  polynomial  modulo  p,  a  prime, 
can  be  factored  into  prime  polynomials  modulo  p,  and  except  for  the 
order  of  the  factors  and  associated  polynomials  modulo  p  the  factorization 
is  unique  for  the  modulus  p. 

11-3. A Method for Solving a Congruence Modulo p, a Prime. If $p$ is a prime,
all distinct solutions modulo $p$ of $f(x) \equiv 0 \pmod p$ are among the
solutions of $x^p - x \equiv 0 \pmod p$. Therefore, to solve
$f(x) \equiv 0 \pmod p$, find $D(x)$, the greatest common divisor modulo $p$
of $f(x)$ and $x^p - x$. Then the solutions of $D(x) \equiv 0 \pmod p$ are
the distinct solutions of $f(x) \equiv 0 \pmod p$, and their number is the
degree of $D(x)$. Of course, $f(x) \equiv 0 \pmod p$ may have a repeated
solution, but the existence of a multiple solution $x \equiv r \pmod p$ can
be determined by removing the factor $x - r$ modulo $p$ from $f(x)$ and
substituting $r$ for $x$ in the quotient.

Example. We can exhibit the usefulness of this device by finding the
solutions of $x^5 + x^3 + x^2 - x + 3 \equiv 0 \pmod 5$. The application of
the algorithm to $x^5 - x$ and $x^5 + x^3 + x^2 - x + 3$ shows that
$D(x) \equiv x^2 - 3x + 2 \pmod 5$ and therefore that the only distinct
solutions of the given congruence are $x \equiv 1$, $x \equiv 2 \pmod 5$. But
$x^5 + x^3 + x^2 - x + 3 \equiv (x^2 - 3x + 2)(x^3 + 3x^2 + 3x + 4) \pmod 5$.
The congruence $x^3 + 3x^2 + 3x + 4 \equiv 0 \pmod 5$ has the solution
$x \equiv 2 \pmod 5$, and
$x^3 + 3x^2 + 3x + 4 \equiv (x - 2)(x^2 - 2) \pmod 5$. However,
$x^2 - 2 \equiv 0 \pmod 5$ is satisfied by neither $x \equiv 1$ nor
$x \equiv 2 \pmod 5$. Hence, the solutions of the original congruence are
$x \equiv 1$, $x \equiv 2$, $x \equiv 2 \pmod 5$.
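
The division of Sec. 11-2, the successive divisions of Theorem 11-15, and the method of Sec. 11-3 can be carried out mechanically. The following Python sketch is an added illustration, not part of the original text; the function names and the coefficient-list representation (lowest degree first) are assumptions made for this example.

```python
# Polynomials are coefficient lists, lowest degree first; [] is the zero polynomial.

def trim(a, p):
    """Reduce coefficients modulo p and drop leading zero coefficients."""
    a = [c % p for c in a]
    while a and a[-1] == 0:
        a.pop()
    return a

def poly_mul(a, b, p):
    out = [0] * (len(a) + len(b) - 1) if a and b else []
    for i, ac in enumerate(a):
        for j, bc in enumerate(b):
            out[i + j] += ac * bc
    return trim(out, p)

def poly_sub(a, b, p):
    n = max(len(a), len(b))
    return trim([(a[i] if i < len(a) else 0) - (b[i] if i < len(b) else 0)
                 for i in range(n)], p)

def poly_divmod(a, b, p):
    """Quotient and remainder of a by b modulo the prime p (Sec. 11-2)."""
    a, b = trim(a, p), trim(b, p)
    if not b:
        raise ZeroDivisionError("divisor is congruent to 0 modulo p")
    k = pow(b[-1], -1, p)          # k * (leading coefficient of b) = 1 (mod p)
    q, r = [0] * max(len(a) - len(b) + 1, 0), a
    while len(r) >= len(b):
        shift, c = len(r) - len(b), r[-1] * k % p
        q[shift] = c
        r = trim([rc - c * b[i - shift] if i >= shift else rc
                  for i, rc in enumerate(r)], p)
    return trim(q, p), r

def poly_xgcd(f1, f2, p):
    """Return (D, g1, g2): D primary, D = f1*g1 + f2*g2 (mod p) (Theorem 11-15)."""
    r0, r1 = trim(f1, p), trim(f2, p)
    if not r0 and not r1:
        raise ValueError("both polynomials are congruent to 0 modulo p")
    s0, s1, t0, t1 = [1], [], [], [1]
    while r1:                      # successive divisions; remainders lose degree
        q, r = poly_divmod(r0, r1, p)
        r0, r1 = r1, r
        s0, s1 = s1, poly_sub(s0, poly_mul(q, s1, p), p)
        t0, t1 = t1, poly_sub(t0, poly_mul(q, t1, p), p)
    d = pow(r0[-1], -1, p)         # c*d = 1 (mod p) gives the primary associate
    return tuple(trim([d * c for c in a], p) for a in (r0, s0, t0))

def evaluate(a, x, p):
    value = 0
    for c in reversed(a):          # Horner's rule
        value = (value * x + c) % p
    return value

def solve_congruence(f, p):
    """Return (D, solutions): D = gcd(f, x^p - x) mod p, solutions with multiplicity."""
    f = trim(f, p)
    if not f:
        raise ValueError("f is identically congruent to 0 modulo p")
    D, _, _ = poly_xgcd(f, [0, -1] + [0] * (p - 2) + [1], p)
    solutions = []
    for r in range(p):             # trial substitution is fine for a small prime
        if evaluate(D, r, p) != 0:
            continue
        q, rem = poly_divmod(f, [-r, 1], p)
        while not rem:             # remove x - r until the quotient is nonzero at r
            solutions.append(r)
            q, rem = poly_divmod(q, [-r, 1], p)
    return D, solutions

# The example above: x^5 + x^3 + x^2 - x + 3 = 0 (mod 5)
EXAMPLE = [3, -1, 1, 1, 0, 1]

if __name__ == "__main__":
    D, sols = solve_congruence(EXAMPLE, 5)
    print("D(x) coefficients:", D, "solutions:", sols)
```

The list `[2, 2, 1]` returned for D(x) is x^2 + 2x + 2, which is congruent to x^2 - 3x + 2 modulo 5.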

EXERCISES 

1.  Write  the  primary  prime  polynomials  modulo  3  of  degrees  0,  1,  and  2.  Then 
write  all  the  prime  polynomials  modulo  3  of  degree  2  that  are  incongruent  modulo  3. 

2. Factor $2x^5 + x^3 + 2x^2 + 2x + 2$ into prime factors modulo 3.

3. Find the solutions of $x^4 - 2x^2 - 3 \equiv 0 \pmod 5$.

4. Find the solutions of $x^5 - 4x^3 + 3x \equiv 0 \pmod 7$.

5. Find the solutions of $x^4 - x + 1 \equiv 0 \pmod 7$.

6. Find the solutions of $2x^4 - 10x - 27 \equiv 0 \pmod{35}$.

7. If $f(x)$ is an integral polynomial and $p$ is a prime, develop a method
for solving the congruence $f(x) \equiv 0 \pmod p$ by using the derivatives
of $f(x)$ with respect to $x$ and certain greatest common divisors modulo $p$.


CHAPTER  12 
PARTITIONS 


12-1.  The  Additive  Theory  of  Numbers.  Leibnitz  (1646-1716)  was 
among the first mathematicians who paid particular attention to developing
the theory concerned with the separation of an integer into all possible
summands  selected  from  a  given  set,  for  example,  the  representation  of  4 
by  4,  3  +  1,  2  +  2,  2  +  1  +  1,  1  +  1  +  1  +  1,  where  selections  are 
made  from  1,  2,  3,  and  4.  To  Euler,  however,  is  due  a  large  part  of  the 
basic  theory.  This  additive  theory  of  numbers  is  a  difficult  subject.  We 
shall  develop  only  the  fundamental  ideas.  The  student  can  refer  to  the 
work  of  G.  H.  Hardy,  one  of  the  modern  experts  in  this  field,  for  an 
extensive  treatment  of  this  topic. 

If from any set of positive integers $a_i$, where $i = 1, 2, 3, \ldots$,
finite or infinite, we select $m$ numbers so that
$n = a_1 + a_2 + \cdots + a_m$, the representation, whether or not it
contains repetitions, is a partition of the integer $n$. Thus the
representation of $n$ as a sum of primes is a partition of $n$ in which the
selection is made from the set of positive primes. In this chapter we shall
confine ourselves to selections of addends from the set of positive integers
$1, 2, \ldots, q$ or from all the positive integers, considering both the
case where repetitions are permitted and where they are prohibited, the order
of the summands in each situation being irrelevant.

We shall represent the number of partitions of $n$ containing $m$ selections
from the integers $1, 2, \ldots, q$ with repetitions allowed by
$P(n, m, \le q)$. If repetitions are prohibited, we shall use the symbol
$Q(n, m, \le q)$. If the representations are to have at most $m$ parts
selected without repetition from $1, 2, \ldots, q$, their number will be
expressed by $Q(n, \le m, \le q)$. When the selections are made from the set
of all positive integers, we shall employ $P(n, m)$ and $Q(n, m)$ for the
number of partitions of $n$, with repetitions and without repetitions,
respectively, that have exactly $m$ parts. If the selections are unrestricted
as to the number of parts, we shall write $P(n, U, \le q)$ to mean the number
of partitions of $n$, with repetitions permitted, into any number of parts
all of which are less than or equal to $q$, and $Q(n, U)$ to mean the number
of partitions of $n$ into any number of parts selected without repetition
from the positive integers. If the selection of the unrestricted number of
parts is to be from among $1, 2, \ldots, q$ and is always to include $q$, we
shall write $P(n, U, q)$ and $Q(n, U, q)$.

12-2. Partitions with Repetitions. To separate $n$ into $m$ parts with
repetitions let each of the $m$ parts have one unit, and then distribute the
remaining $n - m$ units to one part, to two parts, ..., to $m$ parts. Thus
when $n > m$ and the selections are from the positive integers, we have

$$P(n, m) = P(n - m, 1) + P(n - m, 2) + \cdots + P(n - m, m)$$

But then

$$P(n - 1, m - 1) = P(n - m, 1) + P(n - m, 2) + \cdots + P(n - m, m - 1)$$

Hence,

$$P(n, m) = P(n - 1, m - 1) + P(n - m, m)$$

and we have proved:

Theorem 12-1. When the addends are selected from the positive integers, the
number of partitions of $n$ into $m$ parts with repetitions is equal to
$P(n - 1, m - 1) + P(n - m, m)$.

Example. To find the number of partitions of 7 into three parts, we find
$P(7, 3) = P(6, 2) + P(4, 3)$. Repeating the application of the recursion
formula of Theorem 12-1, we obtain

$$\begin{aligned}
P(6, 2) &= P(5, 1) + P(4, 2) = 1 + P(4, 2) \\
P(4, 2) &= P(3, 1) + P(2, 2) = 1 + 1 \\
P(4, 3) &= P(3, 2) + P(1, 3) = P(3, 2) \\
P(3, 2) &= P(2, 1) + P(1, 2) = 1
\end{aligned}$$

Hence,

$$P(7, 3) = 4$$


Corollary 1. If $m > n/2$, $P(n, m) = P(n - 1, m - 1)$.

If $m > n/2$, $n - m < m$ and $P(n - m, m) = 0$.

Corollary 2. $P(2n, 2) = n$, and $P(2n + 1, 2) = n$.

The partitions of an even integer $2n$ into two parts are

$$\begin{array}{l}
1 + (2n - 1) \\
2 + (2n - 2) \\
\quad\vdots \\
n + (2n - n)
\end{array}$$

The partitions of an odd integer $2n + 1$ greater than 1 into two parts are

$$\begin{array}{l}
1 + 2n \\
2 + (2n - 1) \\
\quad\vdots \\
n + (n + 1)
\end{array}$$

By making use of the formulas $P(n, n) = 1$, $P(n, n - 1) = 1$,
$P(n, 1) = 1$, as well as

$$\begin{aligned}
P(n, 2) &= P(n - 1, 1) + P(n - 2, 2) = 1 + P(n - 2, 2) \\
P(n, 3) &= P(n - 1, 2) + P(n - 3, 3) = P(n - 2, 1) + P(n - 3, 2) + P(n - 3, 3) \\
        &= 1 + P(n - 3, 2) + P(n - 3, 3) \\
        &\;\;\vdots \\
P(n, k) &= P(n - 1, k - 1) + P(n - k, k) \\
        &= 1 + P(n - k, 2) + P(n - k, 3) + \cdots + P(n - k, k)
\end{aligned}$$

we can set up a table of the number of partitions of $n$ into $m$ parts
selected from the positive integers with repetitions permitted.


m, the number                     Values of n
of parts         1   2   3   4   5   6   7   8   9  10  11  12

    1            1   1   1   1   1   1   1   1   1   1   1   1
    2                1   1   2   2   3   3   4   4   5   5   6
    3                    1   1   2   3   4   5   7   8  10  12
    4                        1   1   2   3   5   6   9  11  15
    5                            1   1   2   3   5   7  10  13
    6                                1   1   2   3   5   7  11
    7                                    1   1   2   3   5   7
    8                                        1   1   2   3   5
    9                                            1   1   2   3

The first row of the table uses $P(n, 1) = 1$. The formulas $P(n, n) = 1$ and
$P(n, n - 1) = 1$ account for the two diagonals of 1's. Passing to the second
row, to find $P(3, 2)$, we merely add the numbers in the column under
$3 - 2 = 1$. To find $P(4, 2)$, add the numbers under $4 - 2 = 2$, etc. To
write the third row, sum the numbers under $4 - 3 = 1$ for $P(4, 3)$, the
numbers under $5 - 3 = 2$ for $P(5, 3)$, the numbers in the first three rows
under $6 - 3 = 3$ for $P(6, 3)$, the numbers in the first three rows under
$7 - 3 = 4$ for $P(7, 3)$, etc.

From the way the table has been set up it is evident that we can find
$P(n, \le m)$ by merely looking up $P(n + m, m)$.

12-3. Diagrams of Partitions. If we set up all the partitions of $n$ into
exactly $m$ parts selected from $1, 2, \ldots, q$, with repetitions
permitted, and always employ at least one $q$, and then remove one $q$ from
each of the partitions, we obviously have the partitions with repetitions
permitted of $n - q$ into $m - 1$ parts selected from $1, 2, \ldots, q$;
that is, $P(n, m, q) = P(n - q, m - 1, \le q)$. If repetitions are
prohibited, $Q(n, m, q) = Q(n - q, m - 1, \le q - 1)$.

We can diagram a partition of $n$ into $m$ parts that include $q$ as a
greatest integer in the following way and thus graphically exhibit the
statement made above:

1   1   1   1   ...   1      (q units)
1   1   1   ...   1
  .   .   .                  (m rows)
1   ...   1


Moreover,  if  we  read  the  diagram  by  columns,  we  have  a  partition  of  n 
into  q  parts  of  which  the  greatest  is  m.  Such  partitions  are  said  to  be 
conjugate.     The  diagram  shows  that  the  following  statement  is  valid: 

Theorem 12-2. There are as many partitions of $n$ into $m$ parts selected
from $1, 2, \ldots, q$ and always including $q$ as there are partitions of
$n$ into $q$ parts such that one is $m$ and the others are less than or equal
to $m$, repetitions being permitted in each case.

Similarly the diagrams show the following theorem, due to Euler:

Theorem 12-3. The number of partitions with repetitions permitted of $n$ into
at most $m$ parts is the same as the number of partitions with repetitions
permitted of $n$ into parts which do not exceed $m$; that is,
$P(n, \le m) = P(n, U, \le m)$.

Furthermore, by subtracting $P(n, \le m - 1) = P(n, U, \le m - 1)$ from
$P(n, \le m) = P(n, U, \le m)$, we have:

Corollary. $P(n, m) = P(n, U, m)$.

The  diagrams  also  make  it  clear  that: 

Theorem  12-4.  The  number  of  partitions  with  repetitions  permitted 
of  n  into  m  or  more  parts  is  the  same  as  the  number  of  partitions  with 
repetitions  permitted  of  n  into  parts  containing  an  element  that  is  greater 
than  or  equal  to  m. 
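
The recursion of Theorem 12-1, the table of Sec. 12-2, and the reading of a diagram by columns in Sec. 12-3 can be checked against a direct enumeration. The following Python sketch is an added illustration, not part of the original text; the function names are assumptions made for this example.

```python
from functools import lru_cache

@lru_cache(maxsize=None)
def P(n, m):
    """Partitions of n into exactly m positive parts, repetitions allowed."""
    if m < 1 or n < m:
        return 0
    if m == 1 or m == n:
        return 1                            # P(n, 1) = P(n, n) = 1
    return P(n - 1, m - 1) + P(n - m, m)    # Theorem 12-1, used for n > m

def table(n_max, m_max):
    """Row m holds P(n, m) for n = m, ..., n_max, as in the table of Sec. 12-2."""
    return {m: [P(n, m) for n in range(m, n_max + 1)]
            for m in range(1, m_max + 1)}

def partitions(n, m, largest=None):
    """Yield each partition of n into exactly m parts, none exceeding
    `largest`, as a non-increasing tuple."""
    largest = n if largest is None else largest
    if m == 0:
        if n == 0:
            yield ()
        return
    for first in range(min(n, largest), 0, -1):
        for rest in partitions(n - first, m - 1, first):
            yield (first,) + rest

def conjugate(part):
    """Read the diagram of `part` by columns (Sec. 12-3)."""
    return tuple(sum(1 for a in part if a > col) for col in range(part[0]))

def at_most_parts(n, m):
    """The partitions counted by P(n, <=m): at most m parts."""
    return [p for k in range(1, m + 1) for p in partitions(n, k)]

def parts_not_exceeding(n, m):
    """The partitions counted by P(n, U, <=m): every part is <= m."""
    return [p for k in range(1, n + 1) for p in partitions(n, k, m)]

def check_theorem_12_2(n, m, q):
    """Conjugation maps {m parts, greatest q} onto {q parts, greatest m}."""
    left = {p for p in partitions(n, m, q) if p[0] == q}
    right = {p for p in partitions(n, q, m) if p[0] == m}
    return {conjugate(p) for p in left} == right

def check_theorem_12_3(n, m):
    """Conjugation pairs 'at most m parts' with 'parts not exceeding m'."""
    return (sorted(conjugate(p) for p in at_most_parts(n, m))
            == sorted(parts_not_exceeding(n, m)))

if __name__ == "__main__":
    for m, row in table(12, 9).items():
        print(m, row)
    print("P(7, 3) =", P(7, 3), list(partitions(7, 3)))
    print("conjugate of 4+2+1:", conjugate((4, 2, 1)))
```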

12-4. Generating Functions for the Number of Partitions. Consider the addends
that are summed to determine the exponents of $x$ in the product
$(1 + x)(1 + x^2)(1 + x^3) = 1 + x + x^2 + x^{1+2} + x^3 + x^{1+3} + x^{2+3} + x^{1+2+3}$.
It is evident that these exponents are the results arising from all possible
selections of one, two, and three distinct summands from the set 1, 2, 3.
Consequently, the coefficient 2 of $x^3$ gives the number of ways 3 can be
produced by adding together distinct integers selected from 1, 2, and 3.
Similarly the coefficient of $x^n$ in the expansion of
$(1 + x)(1 + x^2) \cdots (1 + x^q)$ is the number of partitions of $n$ into
distinct integers from the set $1, 2, \ldots, q$ and is, therefore, the value
of $Q(n, U, \le q)$.

Now take the product $(1 + zx)(1 + zx^2) \cdots (1 + zx^q)$. The presence of
the $z$ in each factor enables us to count the number of addends used to
produce the exponent of $x$. Thus the coefficient of $z^m x^n$ is the number
of ways in which $n$ can be represented by exactly $m$ distinct addends from
among $1, 2, 3, \ldots, q$. It, therefore, enables us to determine
$Q(n, m, \le q)$.

The effect of multiplying $(1 + zx)(1 + zx^2) \cdots (1 + zx^q)$ by
$1 + z + z^2 + \cdots + z^{q(q-1)/2}$ is to collect the terms representing
the number of ways $n$ can be produced by one, two, ..., $m$ distinct
addends, for $z x^n$ is multiplied by $z^{m-1}$ to produce $z^m x^n$;
$z^2 x^n$, by $z^{m-2}$; etc. Thus the coefficient of $z^m x^n$ is the number
of partitions of $n$ that can be obtained by choosing at most $m$ distinct
integers from the set $1, 2, \ldots, q$. It is the value of
$Q(n, \le m, \le q)$.

The fact that the series $1 + x^m + x^{2m} + \cdots$, developed from the
quotient $1/(1 - x^m)$, is absolutely convergent for $0 < x < 1$ enabled
Kronecker* to prove that the coefficients of the expansion of the generating
function $1/[(1 - x)(1 - x^2)(1 - x^3) \cdots]$ give the number of partitions
of $n$ with repetitions permitted. The discovery of this theorem is due to
Euler. We shall merely indicate the truth of the statement by the following
argument: To produce any integer $n$, we need at most $n$ addends, and hence
but the first $n$ of the factors $(1 + x + x^2 + \cdots)$,
$(1 + x^2 + x^4 + \cdots)$, ..., $(1 + x^n + x^{2n} + \cdots)$ determined by
the generating function. The first term of the $(n + 1)$st factor in the
product of the first $n + 1$ factors would merely reproduce the product of
the first $n$ factors, and the next term would add $n + 1$ to each of the
exponents of $x$ already produced so that the resulting exponents would
exceed $n$. It is evident also that all succeeding exponents so derived would
exceed $n$. Moreover, any term developed from the product of the first $n$
factors is the result of selecting exactly one term from each of these
factors. The choice can be represented as the selection of one of each of the
factors $x^a, x^{2b}, x^{3c}, \ldots, x^{nk}$, where the values of the
integers $a, 2b, 3c, \ldots, nk$ are among $0, 1, \ldots, n$, and $a$ is to
be interpreted as the sum of $a$ units, $2b$ as the sum of $b$ 2's, $3c$ as
the sum of $c$ 3's, etc. Each time the sum of the exponents,
$a, 2b, 3c, \ldots, nk$, is $n$, we have a partition of $n$. Thus the
coefficient of $x^n$ gives the number of partitions of $n$ with repetitions
permitted.

* L. E. Dickson, "History of the Theory of Numbers," Vol. 2, p. 104.

Let us illustrate the use of the generating function by finding the
partitions of 5. We need but the factors $(1 + x + x^2 + x^3 + x^4 + x^5)$,
$(1 + x^2 + x^4)$, $(1 + x^3)$, $(1 + x^4)$, and $(1 + x^5)$. The product is
to be interpreted in the form

$$(1 + x + x^{1+1} + x^{1+1+1} + x^{1+1+1+1} + x^{1+1+1+1+1})(1 + x^2 + x^{2+2})(1 + x^3)(1 + x^4)(1 + x^5)$$

Then the expansion is

$$\begin{array}{llllll}
1 & + x & + x^{1+1} & + x^{1+1+1} & + x^{1+1+1+1} & + x^{1+1+1+1+1} + \cdots \\
  &     & + x^{2}   & + x^{1+2}   & + x^{1+1+2}   & + x^{1+1+1+2} + \cdots \\
  &     &           &             & + x^{2+2}     & + x^{1+2+2} + \cdots \\
  &     &           & + x^{3}     & + x^{1+3}     & + x^{1+1+3} + \cdots \\
  &     &           &             &               & + x^{2+3} + \cdots \\
  &     &           &             & + x^{4}       & + x^{1+4} + \cdots \\
  &     &           &             &               & + x^{5} + \cdots
\end{array}$$

The partitions of 1, 2, 3, 4, as well as 5, are thereby enumerated, and the
coefficient 7 of $x^5$ is the value of $P(5, U)$.

Similarly we can see that $1/[(1 - x)(1 - x^3)(1 - x^5) \cdots]$ enumerates
the partitions of $n$ into odd integers with repetitions permitted and that
$1/[(1 - x^2)(1 - x^4)(1 - x^6) \cdots]$ does the same when the parts are even.
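
The coefficient extractions of Sec. 12-4 can be reproduced by multiplying out the truncated products. The following Python sketch is an added illustration, not part of the original text; the function names are assumptions made for this example, and all series are truncated at a chosen highest exponent `n_max`.

```python
def distinct_table(q, n_max):
    """c[m][n] = coefficient of z^m x^n in (1 + zx)(1 + zx^2)...(1 + zx^q),
    that is, Q(n, m, <=q), for 0 <= m <= q and 0 <= n <= n_max."""
    c = [[0] * (n_max + 1) for _ in range(q + 1)]
    c[0][0] = 1
    for j in range(1, q + 1):
        new = [row[:] for row in c]            # the term 1 of the factor
        for m in range(q):
            for n in range(n_max + 1 - j):
                new[m + 1][n + j] += c[m][n]   # the term z x^j of the factor
        c = new
    return c

def distinct_any_number(q, n_max):
    """Coefficients of (1 + x)(1 + x^2)...(1 + x^q): Q(n, U, <=q)."""
    c = distinct_table(q, n_max)
    return [sum(c[m][n] for m in range(q + 1)) for n in range(n_max + 1)]

def distinct_at_most(q, n_max):
    """Multiply by 1 + z + z^2 + ...: row m becomes Q(n, <=m, <=q)."""
    c = distinct_table(q, n_max)
    out = [c[0][:]]
    for row in c[1:]:
        out.append([a + b for a, b in zip(out[-1], row)])
    return out

def repeated_parts(parts, n_max):
    """Coefficients of x^0..x^n_max in the product of 1/(1 - x^j), j in parts."""
    coeff = [1] + [0] * n_max
    for j in parts:
        for n in range(j, n_max + 1):   # multiply by 1 + x^j + x^(2j) + ...
            coeff[n] += coeff[n - j]
    return coeff

def labelled_expansion(n_max):
    """Terms of the product of (1 + x^j + x^(j+j) + ...) for j = 1..n_max,
    each kept as the tuple of addends in its exponent, total <= n_max."""
    terms = [()]
    for j in range(1, n_max + 1):
        terms = [t + (j,) * k
                 for t in terms
                 for k in range((n_max - sum(t)) // j + 1)]
    return terms

if __name__ == "__main__":
    print("(1+x)(1+x^2)(1+x^3):", distinct_any_number(3, 6))
    print("P(n, U) for n = 0..5:", repeated_parts(range(1, 6), 5))
    print("partitions of 5:", [t for t in labelled_expansion(5) if sum(t) == 5])
```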


EXERCISES 

1. Show that $P(n, \le m, q) = P(n, q, \le m)$.

2. Show that $P(n, U, \le q) = P(n + q, q)$.

3. Find the number of partitions of $n$ into parts selected from
$1, 2, 2^2, 2^3, \ldots$.

4. Show that the number of partitions of $n$ in terms of odd integers with
repetitions is equal to $Q(n, U)$.

5. Write a generating function which will enumerate the partitions of $n$
into parts that are odd and unequal.

6. Show that $x^r/[(1 - x^2)(1 - x^4) \cdots (1 - x^{2q})]$ enumerates the
partitions of $n - r$ into even parts that do not exceed $2q$ with
repetitions permitted. Show also that when $n - r$ is even, the same function
enumerates the partitions of $(n - r)/2$ into parts not larger than $m$ with
repetitions.

7. Find a method for listing all the partitions of $n$ into $m$ parts by
starting with $m - 1$ units and the integer $n - m + 1$.